mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-22 13:25:04 +00:00
Added OpenBSD's unveil() and pledge() support.
This commit is contained in:
parent
a99f742d73
commit
3cb1725225
2 changed files with 42 additions and 16 deletions
|
@ -13,6 +13,8 @@
|
||||||
|
|
||||||
#include "snac.h"
|
#include "snac.h"
|
||||||
|
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
const char *public_address = "https:/" "/www.w3.org/ns/activitystreams#Public";
|
const char *public_address = "https:/" "/www.w3.org/ns/activitystreams#Public";
|
||||||
|
|
||||||
int activitypub_request(snac *snac, char *url, d_char **data)
|
int activitypub_request(snac *snac, char *url, d_char **data)
|
||||||
|
@ -999,6 +1001,35 @@ int process_message(snac *snac, char *msg, char *req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int send_email(char *msg)
|
||||||
|
/* invoke sendmail with email headers and body in msg */
|
||||||
|
{
|
||||||
|
FILE *f;
|
||||||
|
int status;
|
||||||
|
int fds[2];
|
||||||
|
pid_t pid;
|
||||||
|
if (pipe(fds) == -1) return -1;
|
||||||
|
pid = vfork();
|
||||||
|
if (pid == -1) return -1;
|
||||||
|
else if (pid == 0) {
|
||||||
|
dup2(fds[0], 0);
|
||||||
|
close(fds[0]);
|
||||||
|
close(fds[1]);
|
||||||
|
execl("/usr/sbin/sendmail", "sendmail", "-t", (char *) NULL);
|
||||||
|
_exit(1);
|
||||||
|
}
|
||||||
|
close(fds[0]);
|
||||||
|
if ((f = fdopen(fds[1], "w")) == NULL) {
|
||||||
|
close(fds[1]);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
fprintf(f, "%s\n", msg);
|
||||||
|
fclose(f);
|
||||||
|
if (waitpid(pid, &status, 0) == -1) return -1;
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
void process_queue(snac *snac)
|
void process_queue(snac *snac)
|
||||||
/* processes the queue */
|
/* processes the queue */
|
||||||
{
|
{
|
||||||
|
@ -1085,17 +1116,8 @@ void process_queue(snac *snac)
|
||||||
/* send this email */
|
/* send this email */
|
||||||
char *msg = xs_dict_get(q_item, "message");
|
char *msg = xs_dict_get(q_item, "message");
|
||||||
int retries = xs_number_get(xs_dict_get(q_item, "retries"));
|
int retries = xs_number_get(xs_dict_get(q_item, "retries"));
|
||||||
FILE *f;
|
|
||||||
int ok = 0;
|
|
||||||
|
|
||||||
if ((f = popen("/usr/sbin/sendmail -t", "w")) != NULL) {
|
if (!send_email(msg))
|
||||||
fprintf(f, "%s\n", msg);
|
|
||||||
|
|
||||||
if (pclose(f) != -1)
|
|
||||||
ok = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ok)
|
|
||||||
snac_debug(snac, 1, xs_fmt("email message sent"));
|
snac_debug(snac, 1, xs_fmt("email message sent"));
|
||||||
else {
|
else {
|
||||||
if (retries > queue_retry_max)
|
if (retries > queue_retry_max)
|
||||||
|
|
12
data.c
12
data.c
|
@ -86,15 +86,19 @@ int srv_open(char *basedir, int auto_upgrade)
|
||||||
if (error != NULL)
|
if (error != NULL)
|
||||||
srv_log(error);
|
srv_log(error);
|
||||||
|
|
||||||
/* disabled temporarily; messages can't be sent (libcurl issue?) */
|
|
||||||
#if 0
|
|
||||||
#ifdef __OpenBSD__
|
#ifdef __OpenBSD__
|
||||||
srv_debug(2, xs_fmt("Calling unveil()"));
|
srv_debug(2, xs_fmt("Calling unveil()"));
|
||||||
unveil(basedir, "rwc");
|
unveil(basedir, "rwc");
|
||||||
unveil("/usr/sbin", "x");
|
unveil("/usr/sbin/sendmail", "x");
|
||||||
|
unveil("/etc/resolv.conf", "r");
|
||||||
|
unveil("/etc/hosts", "r");
|
||||||
|
unveil("/etc/ssl/openssl.cnf", "r");
|
||||||
|
unveil("/etc/ssl/cert.pem", "r");
|
||||||
|
unveil("/usr/share/zoneinfo", "r");
|
||||||
unveil(NULL, NULL);
|
unveil(NULL, NULL);
|
||||||
|
srv_debug(2, xs_fmt("Calling pledge()"));
|
||||||
|
pledge("stdio rpath wpath cpath flock inet proc exec dns", NULL);
|
||||||
#endif /* __OpenBSD__ */
|
#endif /* __OpenBSD__ */
|
||||||
#endif
|
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue