warp-vpn

point to point VPN implementation
git clone git://git.2f30.org/warp-vpn
Log | Files | Refs | README

commit 096da3ef2adb042994992b57df571287b6d4c2b1
parent 6659ab0293db6f8953ef25fc6bdc123c1569a412
Author: sin <sin@2f30.org>
Date:   Fri,  8 Apr 2016 15:54:10 +0100

pledge stun

Diffstat:
Mstun.c | 12++++++++++++
1 file changed, 12 insertions(+), 0 deletions(-)

diff --git a/stun.c b/stun.c @@ -566,6 +566,12 @@ serversetup(int devfd) freeaddrinfo(ai); revokeprivs(); + +#if defined(__OpenBSD__) + if (pledge("stdio inet", NULL) < 0) + logerr("pledge failed"); +#endif + for (;;) { netfd = accept(listenfd, (struct sockaddr *)&remote, (socklen_t []){sizeof(remote)}); @@ -757,7 +763,13 @@ main(int argc, char *argv[]) if (sflag) return serversetup(devfd); + revokeprivs(); +#if defined(__OpenBSD__) + if (pledge("stdio dns inet", NULL) < 0) + logerr("pledge failed"); +#endif + /* auto-reconnect client */ for (;;) { clientsetup(devfd);