net/mlvpn : add a missing pledge

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

net/mlvpn : add a missing pledge

Solene Rapenne
I had to use mlvpn today and I got a pledge error because of "wroute"
missing for the pledge list.

It seems legit to me to require wroute here.
I reported a bug upstream https://github.com/zehome/MLVPN/issues/152


Index: Makefile
===================================================================
RCS file: /home/reposync/ports/net/mlvpn/Makefile,v
retrieving revision 1.11
diff -u -p -r1.11 Makefile
--- Makefile 1 Feb 2021 19:54:19 -0000 1.11
+++ Makefile 6 Apr 2021 07:38:08 -0000
@@ -4,7 +4,7 @@ COMMENT = link-aggregation VPN software
 
 V = 2.3.5
 DISTNAME = mlvpn-$V
-REVISION = 0
+REVISION = 1
 
 CATEGORIES = net
 
Index: patches/patch-src_privsep_c
===================================================================
RCS file: patches/patch-src_privsep_c
diff -N patches/patch-src_privsep_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_privsep_c 6 Apr 2021 12:04:55 -0000
@@ -0,0 +1,17 @@
+$OpenBSD$
+
+wroute is required to avoid a crash at runtime as a client
+Reported upstream https://github.com/zehome/MLVPN/issues/152
+
+Index: src/privsep.c
+--- src/privsep.c.orig
++++ src/privsep.c
+@@ -190,7 +190,7 @@ priv_init(char *argv[], char *username)
+         close(socks[0]);
+         priv_fd = socks[1];
+ #ifdef HAVE_PLEDGE
+-        if (pledge("stdio inet unix recvfd", NULL) != 0) {
++        if (pledge("stdio inet unix recvfd wroute", NULL) != 0) {
+             err(1, "pledge");
+         }
+ #endif