Re: Mutt barfs on sendfd when verifying S/MIME (pledge)

Wed, 27 Jan 2016 00:00:42 -0800 

On Wed, Jan 27, 2016 at 08:22:34AM +0100, Andreas Kusalananda Kähäri wrote:
> Hi,
> 
> Saw a few of the following on my console:
> 
>     sendmsg not allowed
>     mutt(11070): syscall 28 "sendfd"
> 

Thank you.  Fittingly, gpgme also has a corresponding recvmsg...

We're slowly approaching pledge "everything" here :(

The following patch seems to do the trick, but it really looks like mutt
is barking "I don't want to be pledged!".

Index: Makefile
===================================================================
RCS file: /var/cvs/ports/mail/mutt/Makefile,v
retrieving revision 1.72
diff -u -p -r1.72 Makefile
--- Makefile    17 Jan 2016 14:13:41 -0000      1.72
+++ Makefile    27 Jan 2016 07:48:47 -0000
@@ -3,7 +3,7 @@
 COMMENT=       tty-based e-mail client
 
 DISTNAME=      mutt-1.5.24
-REVISION=      4
+REVISION=      5
 EPOCH=         0
 
 CATEGORIES=    mail
Index: patches/patch-main_c
===================================================================
RCS file: /var/cvs/ports/mail/mutt/patches/patch-main_c,v
retrieving revision 1.1
diff -u -p -r1.1 patch-main_c
--- patches/patch-main_c        17 Jan 2016 14:13:41 -0000      1.1
+++ patches/patch-main_c        27 Jan 2016 07:50:26 -0000
@@ -1,7 +1,7 @@
-$OpenBSD: patch-main_c,v 1.1 2016/01/17 14:13:41 sthen Exp $
+$OpenBSD$
 --- main.c.orig        Sun Aug 30 19:06:38 2015
-+++ main.c     Sun Jan 17 07:54:28 2016
-@@ -734,6 +734,22 @@ int main (int argc, char **argv)
++++ main.c     Wed Jan 27 08:44:36 2016
+@@ -734,6 +734,30 @@ int main (int argc, char **argv)
        }
    }
  
@@ -15,11 +15,19 @@ $OpenBSD: patch-main_c,v 1.1 2016/01/17 
 +  }
 +#endif
 +
-+  if (pledge("stdio rpath wpath cpath flock fattr getpw tty inet dns "
++#ifdef CRYPT_BACKEND_GPGME
++  if (pledge("stdio rpath wpath cpath flock fattr getpw tty inet dns "
++          "proc exec sendfd recvfd", NULL) == -1) {
++    fprintf(stderr, "%s: pledge: %s\n", argv[0], strerror(errno));
++    exit(1);
++  }
++#else
++  if (pledge("stdio rpath wpath cpath flock fattr getpw tty inet dns "
 +          "proc exec", NULL) == -1) {
 +    fprintf(stderr, "%s: pledge: %s\n", argv[0], strerror(errno));
 +    exit(1);
 +  }
++#endif /* CRYPT_BACKEND_GPGME */
 +
    /* collapse remaining argv */
    while (optind < argc)

Reply via email to