From 3a38e36717ff24a3c028c1c7cfe477d9fec95498 Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Sat, 19 Jun 2021 14:57:00 +0000 Subject: [PATCH] OpenBSD: Only unveil used directories dataMkdir() already picked the appropiate directory so make it return that such that unveilData() can go as only that one directory needs unveiling. --- chat.c | 15 +++------------ chat.h | 2 +- xdg.c | 3 ++- 3 files changed, 6 insertions(+), 14 deletions(-) diff --git a/chat.c b/chat.c index 8816068..479ec94 100644 --- a/chat.c +++ b/chat.c @@ -127,16 +127,6 @@ static void parseHash(char *str) { if (*str) hashBound = strtoul(&str[1], NULL, 0); } -#ifdef __OpenBSD__ -static void unveilData(const char *name) { - const char *dirs = NULL; - for (const char *path; NULL != (path = dataPath(&dirs, name));) { - int error = unveil(path, "wc"); - if (error && errno != ENOENT) err(EX_CANTCREAT, "%s", path); - } -} -#endif - static volatile sig_atomic_t signals[NSIG]; static void signalHandler(int signal) { signals[signal] = 1; @@ -287,8 +277,9 @@ int main(int argc, char *argv[]) { #ifdef __OpenBSD__ if (self.restricted && logEnable) { - dataMkdir(""); - unveilData(""); + const char *logdir = dataMkdir(""); + int error = unveil(logdir, "wc"); + if (error) err(EX_OSERR, "unveil"); } char promises[64] = "stdio tty"; diff --git a/chat.h b/chat.h index c4499a8..74c4abf 100644 --- a/chat.h +++ b/chat.h @@ -403,7 +403,7 @@ const char *configPath(const char **dirs, const char *path); const char *dataPath(const char **dirs, const char *path); FILE *configOpen(const char *path, const char *mode); FILE *dataOpen(const char *path, const char *mode); -void dataMkdir(const char *path); +const char *dataMkdir(const char *path); int getopt_config( int argc, char *const *argv, diff --git a/xdg.c b/xdg.c index e4b252d..6afeb35 100644 --- a/xdg.c +++ b/xdg.c @@ -114,11 +114,12 @@ FILE *configOpen(const char *path, const char *mode) { return NULL; } -void dataMkdir(const char *path) { +const char *dataMkdir(const char *path) { const char *dirs = NULL; path = dataPath(&dirs, path); int error = mkdir(path, S_IRWXU); if (error && errno != EEXIST) err(EX_CANTCREAT, "%s", path); + return path; } FILE *dataOpen(const char *path, const char *mode) {