TLS + disabling the execution of CGI didn't work under OpenBSD. - geomyidae - A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae)

commit e35d04d03d5c4c8ddc88e73c5c3f092e3d309a40
parent 72253bb02d112a5287ce7b72af7e599da5436236
Author: Julian Schweinsberg <pazz0@0xfa.de>
Date:   Mon, 21 Aug 2023 08:51:36 +0000

TLS + disabling the execution of CGI didn't work under OpenBSD.

For fork() the pledge "proc" is needed, this wasn't pledge if nocgi was
set.

Signed-off-by: Christoph Lohmann <20h@r-36.net>

Diffstat:
M main.c  | 7 ++++---

1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/main.c b/main.c
@@ -963,9 +963,10 @@ main(int argc, char *argv[])
 
 #ifdef __OpenBSD__
 			snprintf(promises, sizeof(promises),
-			         "rpath inet stdio %s %s",
-			         nocgi     ? ""    : "proc exec",
-			         revlookup ? "dns" : "");
+			         "rpath inet stdio %s %s %s",
+			         !nocgi || dotls ? "proc" : "",
+			         nocgi           ? ""     : "exec",
+			         revlookup       ? "dns"  : "");
 			if (pledge(promises, NULL) == -1) {
 				perror("pledge");
 				exit(1);

	geomyidae A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae)
	git clone git://r-36.net/geomyidae
	Log \| Files \| Refs \| README \| LICENSE