diff options
| author | June McEnroe <june@causal.agency> | 2021-09-02 18:22:23 -0400 |
|---|---|---|
| committer | June McEnroe <june@causal.agency> | 2021-09-02 18:22:23 -0400 |
| commit | 144c75363738965c70335217b6b6722a4a6c0b16 (patch) | |
| tree | 9c4af4ebb06736b55ab1893115c8056d376fb5b8 | |
| parent | OpenBSD: pledge(2) the hashPass code path (diff) | |
| download | pounce-144c75363738965c70335217b6b6722a4a6c0b16.tar.gz pounce-144c75363738965c70335217b6b6722a4a6c0b16.zip | |
OpenBSD: pledge(2) the genCert code path
| -rw-r--r-- | bounce.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/bounce.c b/bounce.c index d8e9b87..c6bd7b1 100644 --- a/bounce.c +++ b/bounce.c @@ -624,8 +624,14 @@ static void genCert(const char *path, const char *ca) { int out = open(path, O_WRONLY | O_APPEND | O_CREAT, 0600); if (out < 0) err(EX_CANTCREAT, "%s", path); + int error; +#ifdef __OpenBSD__ + error = pledge("stdio proc exec", NULL); + if (error) err(EX_OSERR, "pledge"); +#endif + int rw[2]; - int error = pipe(rw); + error = pipe(rw); if (error) err(EX_OSERR, "pipe"); pid_t pid = fork(); |