send capsicum/landlock/seccomp hack to Valhalla

2023-05-08 10:27:32 +00:00 · 2023-05-08 10:27:32 +00:00 · 1e0b974519
parent 0b62f4842d
commit 1e0b974519
4 changed files with 4 additions and 9 deletions
--- a/gmid.h
+++ b/gmid.h
@ -196,7 +196,6 @@ struct conf {
 	/* from command line */
 	int		 foreground;
 	int		 verbose;
-	int		 can_open_sockets;

 	/* in the config */
 	int		 port;
@ -367,7 +366,7 @@ void		 fcgi_error(struct bufferevent *, short, void *);
 void		 fcgi_req(struct client *);

 /* sandbox.c */
-void		 sandbox_server_process(int);
+void		 sandbox_server_process(void);
 void		 sandbox_logger_process(void);

 /* utf8.c */
--- a/parse.y
+++ b/parse.y
@ -1059,8 +1059,6 @@ new_proxy(void)
 {
 	struct proxy *p;

-	conf.can_open_sockets = 1;
-
 	p = xcalloc(1, sizeof(*p));
 	p->protocols = TLS_PROTOCOLS_DEFAULT;
 	return p;
@ -1170,8 +1168,6 @@ fastcgi_conf(const char *path, const char *port)
 	struct fcgi	*f;
 	int		i;

-	conf.can_open_sockets = 1;
-
 	for (i = 0; i < FCGI_MAX; ++i) {
 		f = &fcgi[i];

--- a/sandbox.c
+++ b/sandbox.c
@ -21,7 +21,7 @@
 #include <unistd.h>

 void
-sandbox_server_process(int can_open_sockets)
+sandbox_server_process(void)
 {
 	struct vhost	*h;
 	struct location	*l;
@ -54,7 +54,7 @@ sandbox_logger_process(void)
 #warning "No sandbox method known for this OS"

 void
-sandbox_server_process(int can_open_sockets)
+sandbox_server_process(void)
 {
 	return;
 }
--- a/server.c
+++ b/server.c
@ -1399,7 +1399,7 @@ loop(struct tls *ctx_, int sock4, int sock6, struct imsgbuf *ibuf)
 	signal_set(&sigusr2, SIGUSR2, &handle_siginfo, NULL);
 	signal_add(&sigusr2, NULL);

-	sandbox_server_process(conf.can_open_sockets);
+	sandbox_server_process();
 	event_dispatch();
 	_exit(0);
 }