commit - 0aa852e7850dc0a27b20c9aed9e07ab39d024308
commit + 290815ffe7ab6d037e4b6493d509f49a53fddc5a
blob - 42b3858588b58a7e52039e2b9a049d1e4ea22cd8
blob + 59b4f82e88ff5740ebc34de7416264f61e0f5ed9
--- gotwebd/sockets.c
+++ gotwebd/sockets.c
signal_add(&sigterm, NULL);
#ifndef PROFILE
- if (pledge("stdio inet recvfd sendfd", NULL) == -1)
+ if (pledge("stdio inet unix recvfd sendfd", NULL) == -1)
fatal("pledge");
#endif
sockets_launch(struct gotwebd *env)
{
struct socket *sock;
- int i;
+ int i, have_unix = 0, have_inet = 0;
if (env->gotweb_pending != 0)
fatal("gotweb process not connected");
TAILQ_FOREACH(sock, &gotwebd_env->sockets, entry) {
log_info("%s: configuring socket %d (%d)", __func__,
sock->conf.id, sock->fd);
+
+ switch (sock->conf.af_type) {
+ case AF_UNIX:
+ if (listen(sock->fd, SOCKS_BACKLOG) == -1) {
+ fatal("cannot listen on %s",
+ sock->conf.unix_socket_name);
+ }
+ have_unix = 1;
+ break;
+ case AF_INET:
+ case AF_INET6:
+ if (listen(sock->fd, SOMAXCONN) == -1) {
+ fatal("cannot listen on %s",
+ sock->conf.addr.ifname);
+ }
+ have_inet = 1;
+ break;
+ default:
+ fatalx("unsupported address family type %d",
+ sock->conf.af_type);
+ }
event_set(&sock->ev, sock->fd, EV_READ | EV_PERSIST,
sockets_socket_accept, sock);
}
#ifndef PROFILE
- if (pledge("stdio inet sendfd", NULL) == -1)
- fatal("pledge");
+ if (have_unix && have_inet) {
+ if (pledge("stdio inet unix sendfd", NULL) == -1)
+ fatal("pledge");
+ } else if (have_unix) {
+ if (pledge("stdio unix sendfd", NULL) == -1)
+ fatal("pledge");
+ } else if (have_inet) {
+ if (pledge("stdio inet sendfd", NULL) == -1)
+ fatal("pledge");
+ }
#endif
for (i = 0; i < env->prefork; i++)
event_add(&env->iev_gotweb[i].ev, NULL);
return -1;
}
- if (listen(u_fd, SOCKS_BACKLOG) == -1) {
- log_warn("%s: listen", __func__);
- return -1;
- }
-
return u_fd;
}
return -1;
}
- if (listen(fd, SOMAXCONN) == -1) {
- log_warn("%s, unable to listen on socket", __func__);
- close(fd);
- return -1;
- }
-
return (fd);
}
