On Fri, May 18 2018, Klemens Nanni <k...@openbsd.org> wrote:
> If neither `Pass' nor `PassCmd' is specified in the configuration,
> mbsync(1) prompts for the IMAP password.
>
> This diff adds the missing "tty" promise in such cases.
>
> OK?
>
> PS: Noone complaint so far.
I understand that getting rid of "proc exec" is appealing, but could you
just add "tty" here?
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/mail/isync/Makefile,v
> retrieving revision 1.35
> diff -u -p -r1.35 Makefile
> --- Makefile 12 May 2018 14:37:36 -0000 1.35
> +++ Makefile 18 May 2018 20:41:45 -0000
> @@ -3,7 +3,7 @@
> COMMENT= synchronize IMAP4 and maildir mailboxes
>
> DISTNAME= isync-1.3.0
> -REVISION= 1
> +REVISION= 2
>
> CATEGORIES= mail
> MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=isync/}
> Index: patches/patch-src_drv_imap_c
> ===================================================================
> RCS file: /cvs/ports/mail/isync/patches/patch-src_drv_imap_c,v
> retrieving revision 1.1
> diff -u -p -r1.1 patch-src_drv_imap_c
> --- patches/patch-src_drv_imap_c 8 May 2018 22:07:42 -0000 1.1
> +++ patches/patch-src_drv_imap_c 18 May 2018 19:20:51 -0000
> @@ -3,21 +3,24 @@ $OpenBSD: patch-src_drv_imap_c,v 1.1 201
> Index: src/drv_imap.c
> --- src/drv_imap.c.orig
> +++ src/drv_imap.c
> -@@ -41,6 +41,8 @@
> +@@ -41,6 +41,9 @@
> # include <sasl/saslutil.h>
> #endif
>
> +extern int needs_proc_exec;
> ++extern int needs_tty;
> +
> #ifdef HAVE_LIBSSL
> enum { SSL_None, SSL_STARTTLS, SSL_IMAPS };
> #endif
> -@@ -3267,6 +3269,8 @@ imap_parse_store( conffile_t *cfg, store_conf_t **stor
> +@@ -3267,6 +3270,10 @@ imap_parse_store( conffile_t *cfg, store_conf_t **stor
> }
> acc_opt = 1;
> }
> + if (server->sconf.tunnel || server->pass_cmd)
> + needs_proc_exec = 1;
> ++ if (!(server->pass || server->pass_cmd))
> ++ needs_tty = 1;
> if (store)
> type = "IMAP store", name = store->gen.name;
> else
> Index: patches/patch-src_main_c
> ===================================================================
> RCS file: /cvs/ports/mail/isync/patches/patch-src_main_c,v
> retrieving revision 1.3
> diff -u -p -r1.3 patch-src_main_c
> --- patches/patch-src_main_c 8 May 2018 22:07:42 -0000 1.3
> +++ patches/patch-src_main_c 18 May 2018 20:29:01 -0000
> @@ -3,40 +3,64 @@ $OpenBSD: patch-src_main_c,v 1.3 2018/05
> Index: src/main.c
> --- src/main.c.orig
> +++ src/main.c
> -@@ -120,6 +120,8 @@ PACKAGE " " VERSION " - mailbox synchronizer\n"
> +@@ -120,6 +120,9 @@ PACKAGE " " VERSION " - mailbox synchronizer\n"
> exit( code );
> }
>
> +int needs_proc_exec = 0;
> ++int needs_tty = 0;
> +
> static void ATTR_PRINTFLIKE(1, 2)
> debug( const char *msg, ... )
> {
> -@@ -716,6 +718,29 @@ main( int argc, char **argv )
> +@@ -716,6 +719,52 @@ main( int argc, char **argv )
>
> if (load_config( config, pseudo ))
> return 1;
> +
> + if (mvars->list) {
> + if (needs_proc_exec) {
> -+ if (pledge("stdio rpath inet flock dns getpw proc exec"
> -+ " prot_exec", NULL) == -1)
> -+ sys_error("pledge\n");
> ++ if (needs_tty) {
> ++ if (pledge("stdio rpath inet flock dns getpw"
> ++ " tty proc exec prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ } else {
> ++ if (pledge("stdio rpath inet flock dns getpw"
> ++ " proc exec prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ }
> + } else {
> -+ if (pledge("stdio rpath inet flock dns getpw"
> -+ " prot_exec",
> -+ NULL) == -1)
> -+ sys_error("pledge\n");
> ++ if (needs_tty) {
> ++ if (pledge("stdio rpath inet flock dns getpw"
> ++ " tty prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ } else {
> ++ if (pledge("stdio rpath inet flock dns getpw"
> ++ " prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ }
> + }
> + } else {
> + if (needs_proc_exec) {
> -+ if (pledge("stdio rpath wpath cpath inet flock dns"
> -+ " getpw proc exec prot_exec", NULL) == -1)
> -+ sys_error("pledge\n");
> ++ if (needs_tty) {
> ++ if (pledge("stdio rpath wpath cpath inet flock"
> ++ " dns getpw tty proc exec prot_exec", NULL)
> == -1)
> ++ sys_error("pledge\n");
> ++ } else {
> ++ if (pledge("stdio rpath wpath cpath inet flock"
> ++ " dns getpw proc exec prot_exec", NULL) ==
> -1)
> ++ sys_error("pledge\n");
> ++ }
> + } else {
> -+ if (pledge("stdio rpath wpath cpath inet flock dns"
> -+ " getpw prot_exec", NULL) == -1)
> -+ sys_error("pledge\n");
> ++ if (needs_tty) {
> ++ if (pledge("stdio rpath wpath cpath inet flock"
> ++ " dns getpw tty prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ } else {
> ++ if (pledge("stdio rpath wpath cpath inet flock"
> ++ " dns getpw prot_exec", NULL) == -1)
> ++ sys_error("pledge\n");
> ++ }
> + }
> + }
>
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
