summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2019-04-27 22:50:20 -0400
committerJune McEnroe <june@causal.agency>2019-04-27 22:50:20 -0400
commitb0cb99c6f3c18999f6140b59732fdeedbf83dea3 (patch)
tree8a2b5c42e602885515b51fe1e22675f036bc82ae
parentAdd missing include (diff)
downloadsrc-b0cb99c6f3c18999f6140b59732fdeedbf83dea3.tar.gz
src-b0cb99c6f3c18999f6140b59732fdeedbf83dea3.zip
Use capsicum in irc/relay
Diffstat
-rw-r--r--bin/irc/relay.c26


1 files changed, 26 insertions, 0 deletions
diff --git a/bin/irc/relay.c b/bin/irc/relay.c
index 5cdc8865..caf9062f 100644
--- a/bin/irc/relay.c
+++ b/bin/irc/relay.c
@@ -27,6 +27,10 @@
 #include <tls.h>
 #include <unistd.h>
 
+#ifdef __FreeBSD__
+#include <sys/capsicum.h>
+#endif
+
 static void clientWrite(struct tls *client, const char *ptr, size_t len) {
 	while (len) {
 		ssize_t ret = tls_write(client, ptr, len);
@@ -135,6 +139,28 @@ int main(int argc, char *argv[]) {
 	error = tls_connect_socket(client, sock, host);
 	if (error) errx(EX_PROTOCOL, "tls_connect: %s", tls_error(client));
 
+#ifdef __FreeBSD__
+	cap_rights_t rights;
+
+	error = cap_enter();
+	if (error) err(EX_OSERR, "cap_enter");
+
+	cap_rights_init(&rights, CAP_READ, CAP_EVENT);
+	error = cap_rights_limit(STDIN_FILENO, &rights);
+	if (error) err(EX_OSERR, "cap_rights_limit");
+
+	cap_rights_init(&rights, CAP_WRITE);
+	error = cap_rights_limit(STDOUT_FILENO, &rights);
+	if (error) err(EX_OSERR, "cap_rights_limit");
+
+	error = cap_rights_limit(STDERR_FILENO, &rights);
+	if (error) err(EX_OSERR, "cap_rights_limit");
+
+	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT);
+	error = cap_rights_limit(sock, &rights);
+	if (error) err(EX_OSERR, "cap_rights_limit");
+#endif
+
 	clientFormat(client, "NICK :%s\r\nUSER %s 0 * :%s\r\n", nick, nick, nick);
 
 	char *input = NULL;

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-26 12:38:07 +0000


 


er'>2019-02-22Show status window while connectingJune McEnroe


2019-02-22Reorganize UI code for the umpteenth timeJune McEnroe

It's actually in a good state now, I think.



2019-02-21Replace "view" with "window"June McEnroe

I think originally I didn't want to use the same word as curses WINDOW
but it's really much clearer for the user if they're just called
windows. UI code probably needs yet another rewrite though. Still feels
messy.



2019-02-21Remove ROT13June McEnroe

It's just not convenient when it can only do the whole line...



2019-02-21Clean up man pageJune McEnroe


2019-01-26Draw UI before connectingJune McEnroe

Otherwise the "Traveling" message isn't visible while connecting.



2019-01-25Avoid unused variable warnings with getyxJune McEnroe


2019-01-25Add GNU/Linux build instructionsJune McEnroe