From 227054387ce7abc295a693a7375b398db02ba222 Mon Sep 17 00:00:00 2001 From: Curtis McEnroe Date: Sun, 27 Oct 2019 20:33:27 -0400 Subject: Use capsicum --- bounce.c | 22 ++++++++++++++++++++++ server.c | 3 +++ 2 files changed, 25 insertions(+) diff --git a/bounce.c b/bounce.c index 49bc0f9..bb4f902 100644 --- a/bounce.c +++ b/bounce.c @@ -34,6 +34,10 @@ #include #include +#ifdef __FreeBSD__ +#include +#endif + #ifndef SIGINFO #define SIGINFO SIGUSR2 #endif @@ -195,6 +199,24 @@ int main(int argc, char *argv[]) { size_t binds = listenBind(bind, 8, bindHost, bindPort); int server = serverConnect(insecure, host, port); + +#ifdef __FreeBSD__ + int error = cap_enter(); + if (error) err(EX_OSERR, "cap_enter"); + + cap_rights_t sockRights, bindRights; + cap_rights_init(&sockRights, CAP_EVENT, CAP_RECV, CAP_SEND, CAP_SETSOCKOPT); + cap_rights_init(&bindRights, CAP_LISTEN, CAP_ACCEPT); + cap_rights_merge(&bindRights, &sockRights); + + for (size_t i = 0; i < binds; ++i) { + error = cap_rights_limit(bind[i], &bindRights); + if (error) err(EX_OSERR, "cap_rights_limit"); + } + error = cap_rights_limit(server, &sockRights); + if (error) err(EX_OSERR, "cap_rights_limit"); +#endif + stateLogin(pass, auth, nick, user, real); if (pass) explicit_bzero(pass, strlen(pass)); if (auth) explicit_bzero(auth, strlen(auth)); diff --git a/server.c b/server.c index e1fc328..e23dc9a 100644 --- a/server.c +++ b/server.c @@ -80,6 +80,9 @@ int serverConnect(bool insecure, const char *host, const char *port) { error = tls_connect_socket(client, sock, host); if (error) errx(EX_PROTOCOL, "tls_connect: %s", tls_error(client)); + error = tls_handshake(client); + if (error) errx(EX_PROTOCOL, "tls_handshake: %s", tls_error(client)); + return sock; } -- cgit 1.4.1 id' value='191b066c17ac242f42da7fec3241de36ce974229'/>
path: root/www/git.causal.agency/cgit/filters/syntax-highlighting.sh (unfollow)
Commit message (Expand)Author
2021-02-09Show minutes left instead of battery percentageJune McEnroe
2021-02-09Set antialiasing and unhinting globallyJune McEnroe
2021-02-09Open youtube and twitch with mpvJune McEnroe
2021-02-09Add volume control bindings to cwmJune McEnroe
2021-02-09Use w3m to open other URLsJune McEnroe
2021-02-09Disable mouse mode in xtermJune McEnroe
2021-02-09Add pbcopy, pbpaste, open dispatch scriptsJune McEnroe
2021-02-09Use flags for pbd client behaviourJune McEnroe
2021-02-08Add macOS-like copy and paste to xtermJune McEnroe
2021-02-08Only update clock script every minuteJune McEnroe
2021-02-08Use 4M- for window resizing in cwmJune McEnroe
2021-02-08Tweak trackpad scaling, mouse accelerationJune McEnroe
2021-02-08Use xsel in up and add it do install.shJune McEnroe
2021-02-07Swap root window coloursJune McEnroe
2021-02-07Add -X flag to install X stuff on OpenBSDJune McEnroe
2021-02-07Adjust brightness by smaller incrementsJune McEnroe
2021-02-07Fix cwm window cycling, move big by defaultJune McEnroe
2021-02-07Use class names for Foreground, Background, BorderColorJune McEnroe
2021-02-07Add simple battery status and clock to xsessionJune McEnroe
2021-02-07Set cursor theme and sizeJune McEnroe
2021-02-07Use scrot for up -s if no screencaptureJune McEnroe
2021-02-07Enable mouse acceleration in XJune McEnroe
2021-02-07Set colours for Xt and cwmJune McEnroe
2021-02-07Set urgency on bell in xtermJune McEnroe
2021-02-07Add bindings for brightness controlJune McEnroe
2021-02-07Set X key repeat rateJune McEnroe
2021-02-07Bump font size to 12June McEnroe
2021-02-07Fully configure and rebind cwmJune McEnroe
2021-02-07Add BintiJune McEnroe
2021-02-07Finish configuring xtermJune McEnroe
2021-02-06Enable tapping, reverse scroll, set scaling in wsconsctlJune McEnroe
2021-02-06Set root window to black on purple snowJune McEnroe
2021-02-06Add xmodmap configurationJune McEnroe
2021-02-06Add initial OpenBSD X configurationJune McEnroe
2021-02-06Add xterm output to schemeJune McEnroe