Hi, Gleydson Soares <[email protected]> writes: > > Hi, > > Ray Lai <[email protected]> writes: > > > > On Sun, 5 Jun 2016 21:41:54 +0800 > > Ray Lai <[email protected]> wrote: > > > > > On Sun, 5 Jun 2016 14:10:25 +0200 > > > Sebastien Marie <[email protected]> wrote: > > > > - does the patch maintained locally or by upstream ? if it is only > > > > locally, I would kept it as simple as possible. > > > > > > > > with only one pledge call, it is really simple to understand what is > > > > pledged and what it isn't. so it is more simple to maintain later > > > > (because code changes on the time). > > > > > > Okay, you've convinced me. > > > > > > > > +# uses pledge() > > > > > > > > it is a bit a minimal comment... :-) > > > > > > > > some additionnal elements for helping maintainer later: > > > > > > > > uses pledge(): > > > > - inet dns: just for tcpopen() call. once done, no need anymore > > > > network stuff. > > > > > > > > - rpath wpath cpath dpath: ii(1) will create directory structure and > > > > fifos on demand (when joining a new channel for example). > > > > > > Thanks! I just copied from other pledge'd ports, but from the few > > > examples I found, they just had one line. (I'm copy-and-paste slacker.) > > > > Missing rpath, sorry: > > This breaks ucspi flavor. Here is a new one that works. > > ii-ucspi/pledge(2): > ucspi take care of ii network capabilities, so ii doesn't > need more "inet dns" itself, then I've pledged. > > I've tested both and works just fine. > > btw I'll work to add pledge(2) support upstream.
- add '# uses pledge()' marker in Makefile (missing in previus) - wrap pledge(2) in #ifdef __OpenBSD__ Index: Makefile =================================================================== RCS file: /cvs/ports/net/ii/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- Makefile 21 May 2016 05:31:38 -0000 1.13 +++ Makefile 6 Jun 2016 03:45:03 -0000 @@ -3,7 +3,7 @@ COMMENT= minimalist IRC client DISTNAME= ii-1.7 -REVISION= 2 +REVISION= 3 CATEGORIES= net HOMEPAGE= http://tools.suckless.org/ii @@ -15,6 +15,7 @@ MAINTAINER= Gleydson Soares <gsoares@op # MIT/X PERMIT_PACKAGE_CDROM= Yes +# uses pledge() WANTLIB= c NO_TEST= Yes Index: patches/sslpatch-ii_c =================================================================== RCS file: patches/sslpatch-ii_c diff -N patches/sslpatch-ii_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/sslpatch-ii_c 6 Jun 2016 03:45:03 -0000 @@ -0,0 +1,47 @@ +$OpenBSD$ + +http://git.suckless.org/ii/commit/?id=f79e2f09534d92a6fe4e062b06449a925fef1c41 + +uses pledge(): + - stdio rpath wpath cpath dpath: ii(1) will create directory + structure and fifos on demand (when joining a new channel for + example). + +--- ii.c.orig Mon Jun 6 00:39:32 2016 ++++ ii.c Mon Jun 6 00:40:00 2016 +@@ -438,7 +438,7 @@ static void handle_server_output() { + } + + static void run() { +- Channel *c; ++ Channel *c, *n; + int r, maxfd; + fd_set rd; + struct timeval tv; +@@ -475,9 +475,11 @@ static void run() { + handle_server_output(); + last_response = time(NULL); + } +- for(c = channels; c; c = c->next) ++ for(c = channels; c; c = n) { ++ n = c->next; + if(FD_ISSET(c->fd, &rd)) + handle_channels_input(c); ++ } + } + } + +@@ -511,6 +513,13 @@ int main(int argc, char *argv[]) { + if(use_ssl) + port = port == SERVER_PORT ? SSL_SERVER_PORT : port; + irc = tcpopen(port); ++ ++#ifdef __OpenBSD__ ++ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) ++ fputs("ii: pledge\n", stderr); ++ exit(EXIT_FAILURE); ++#endif ++ + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fputs("ii: path to irc directory too long\n", stderr); + exit(EXIT_FAILURE); Index: patches/ucspipatch-ii_c =================================================================== RCS file: patches/ucspipatch-ii_c diff -N patches/ucspipatch-ii_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/ucspipatch-ii_c 6 Jun 2016 03:45:03 -0000 @@ -0,0 +1,47 @@ +$OpenBSD$ + +http://git.suckless.org/ii/commit/?id=f79e2f09534d92a6fe4e062b06449a925fef1c41 + +uses pledge(): + - stdio rpath wpath cpath dpath: ii(1) will create directory + structure and fifos on demand (when joining a new channel for + example). + +--- ii.c.orig Mon Jun 6 00:40:54 2016 ++++ ii.c Mon Jun 6 00:41:14 2016 +@@ -386,7 +386,7 @@ static void handle_server_output() { + } + + static void run() { +- Channel *c; ++ Channel *c, *n; + int r, maxfd; + fd_set rd; + struct timeval tv; +@@ -423,9 +423,11 @@ static void run() { + handle_server_output(); + last_response = time(NULL); + } +- for(c = channels; c; c = c->next) ++ for(c = channels; c; c = n) { ++ n = c->next; + if(FD_ISSET(c->fd, &rd)) + handle_channels_input(c); ++ } + } + } + +@@ -455,6 +457,13 @@ int main(int argc, char *argv[]) { + default: usage(); break; + } + } ++ ++#ifdef __OpenBSD__ ++ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) ++ fputs("ii: pledge\n", stderr); ++ exit(EXIT_FAILURE); ++#endif ++ + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fputs("ii: path to irc directory too long\n", stderr); + exit(EXIT_FAILURE);
