commit - bb32659f4666bd508118a9e15238bb69471b3b14
commit + 6f4eae69642d0a78da926cf32b3639e883f5fe09
blob - b8454b51d4dcc561ebb7dcdda35495534adc5707
blob + a06e82cff88e1f0b56f21f10175579e66d777ca1
--- gotwebd/sockets.c
+++ gotwebd/sockets.c
signal_add(&sigterm, NULL);
#ifndef PROFILE
- if (pledge("stdio inet recvfd sendfd", NULL) == -1)
+ if (pledge("stdio inet unix recvfd sendfd", NULL) == -1)
fatal("pledge");
#endif
sockets_launch(struct gotwebd *env)
{
struct socket *sock;
- int i;
+ int i, have_unix = 0, have_inet = 0;
if (env->gotweb_pending != 0)
fatal("gotweb process not connected");
TAILQ_FOREACH(sock, &gotwebd_env->sockets, entry) {
log_info("%s: configuring socket %d (%d)", __func__,
sock->conf.id, sock->fd);
+
+ switch (sock->conf.af_type) {
+ case AF_UNIX:
+ if (listen(sock->fd, SOCKS_BACKLOG) == -1) {
+ fatal("cannot listen on %s",
+ sock->conf.unix_socket_name);
+ }
+ have_unix = 1;
+ break;
+ case AF_INET:
+ case AF_INET6:
+ if (listen(sock->fd, SOMAXCONN) == -1) {
+ fatal("cannot listen on %s",
+ sock->conf.addr.ifname);
+ }
+ have_inet = 1;
+ break;
+ default:
+ fatalx("unsupported address family type %d",
+ sock->conf.af_type);
+ }
event_set(&sock->ev, sock->fd, EV_READ | EV_PERSIST,
sockets_socket_accept, sock);
}
#ifndef PROFILE
- if (pledge("stdio inet sendfd", NULL) == -1)
- fatal("pledge");
+ if (have_unix && have_inet) {
+ if (pledge("stdio inet unix sendfd", NULL) == -1)
+ fatal("pledge");
+ } else if (have_unix) {
+ if (pledge("stdio unix sendfd", NULL) == -1)
+ fatal("pledge");
+ } else if (have_inet) {
+ if (pledge("stdio inet sendfd", NULL) == -1)
+ fatal("pledge");
+ }
#endif
for (i = 0; i < env->prefork; i++)
event_add(&env->iev_gotweb[i].ev, NULL);
return -1;
}
- if (listen(u_fd, SOCKS_BACKLOG) == -1) {
- log_warn("%s: listen", __func__);
- return -1;
- }
-
return u_fd;
}
return -1;
}
- if (listen(fd, SOMAXCONN) == -1) {
- log_warn("%s, unable to listen on socket", __func__);
- close(fd);
- return -1;
- }
-
return (fd);
}
