aniani/gophernicus
1
0
Fork 0
mirror of https://github.com/gophernicus/gophernicus.git synced 2024-06-09 06:20:43 +00:00
Code

move libwrap bit before calling pledge(2)

Browse Source 
Just to make sure we don't fail due to libwrap calling syscall not
permitted by pledge.
This commit is contained in:
Omar Polo 2022-01-22 18:22:06 +01:00
parent 78dbbc1711
commit a5fcd38896
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/gophernicus.c
View File

@ -539,6 +539,13 @@ int main(int argc, char *argv[])
sstrlcpy(st.server_root, buf);
}
/* Check if TCP wrappers have something to say about this connection */
#ifdef HAVE_LIBWRAP
if (sstrncmp(st.req_remote_addr, UNKNOWN_ADDR) != MATCH &&
hosts_ctl(self, STRING_UNKNOWN, st.req_remote_addr, STRING_UNKNOWN) == WRAP_DENIED)
die(&st, ERR_ACCESS, "Refused connection");
#endif
#ifdef __OpenBSD__
/* unveil(2) support.
*
@ -606,13 +613,6 @@ int main(int argc, char *argv[])
}
#endif
/* Check if TCP wrappers have something to say about this connection */
#ifdef HAVE_LIBWRAP
if (sstrncmp(st.req_remote_addr, UNKNOWN_ADDR) != MATCH &&
hosts_ctl(self, STRING_UNKNOWN, st.req_remote_addr, STRING_UNKNOWN) == WRAP_DENIED)
die(&st, ERR_ACCESS, "Refused connection");
#endif
/* Make sure the computer is turned on */
#ifdef __HAIKU__
if (is_computer_on() != TRUE)