Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

initial pledge(2) on OpenBSD #1803

Merged
merged 1 commit into from
Feb 25, 2024
Merged

initial pledge(2) on OpenBSD #1803

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 46 additions & 0 deletions shairport.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1929,6 +1929,12 @@ void _display_config(const char *filename, const int linenumber, __attribute__((
#define display_config(argc, argv) _display_config(__FILE__, __LINE__, argc, argv)

int main(int argc, char **argv) {
#ifdef COMPILE_FOR_OPENBSD
/* Start with the superset of all potentially required promises. */
if (pledge("stdio rpath wpath cpath dpath inet unix dns proc exec audio", NULL) == -1)
die("pledge: %s", strerror(errno));
#endif

memset(&config, 0, sizeof(config)); // also clears all strings, BTW
/* Check if we are called with -V or --version parameter */
if (argc >= 2 && ((strcmp(argv[1], "-V") == 0) || (strcmp(argv[1], "--version") == 0))) {
Expand Down Expand Up @@ -2102,6 +2108,16 @@ int main(int argc, char **argv) {
// parse arguments into config -- needed to locate pid_dir
int audio_arg = parse_options(argc, argv);

#ifdef COMPILE_FOR_OPENBSD
/* Any command to be executed at runtime? */
int run_cmds =
config.cmd_active_start != NULL ||
config.cmd_active_stop != NULL ||
config.cmd_set_volume != NULL ||
config.cmd_start != NULL ||
config.cmd_stop != NULL;
#endif

// mDNS supports maximum of 63-character names (we append 13).
if (strlen(config.service_name) > 50) {
warn("The service name \"%s\" is too long (max 50 characters) and has been truncated.",
Expand Down Expand Up @@ -2237,6 +2253,16 @@ int main(int argc, char **argv) {

#endif

#ifdef COMPILE_FOR_OPENBSD
/* Past daemon(3)'s double fork(2). */

/* Only user-defined commands are executed. */
if (!run_cmds)
/* Drop "proc exec". */
if (pledge("stdio rpath wpath cpath dpath inet unix dns audio", NULL) == -1)
die("pledge: %s", strerror(errno));
#endif

#ifdef CONFIG_AIRPLAY_2

if (has_fltp_capable_aac_decoder() == 0) {
Expand Down Expand Up @@ -2352,6 +2378,26 @@ int main(int argc, char **argv) {
}
config.output->init(argc - audio_arg, argv + audio_arg);

#ifdef COMPILE_FOR_OPENBSD
/* Past first and last sio_open(3), sndio(7) only needs "audio". */

# ifdef CONFIG_METADATA
/* Only coverart cache is created.
* Only metadata pipe is special. */
if (!config.metadata_enabled)
# endif
{
/* Drop "cpath dpath". */
if (run_cmds) {
if (pledge("stdio rpath wpath inet unix dns proc exec audio", NULL) == -1)
die("pledge: %s", strerror(errno));
} else {
if (pledge("stdio rpath wpath inet unix dns audio", NULL) == -1)
die("pledge: %s", strerror(errno));
}
}
#endif

// pthread_cleanup_push(main_cleanup_handler, NULL);

// daemon_log(LOG_NOTICE, "startup");
Expand Down
Loading