haesbaert / mdnsd

Mdns daemon for OpenBSD.
www.haesbaert.org/openmdns

pledge(2) for mdnsctl #10

Closed kristapsdz closed 7 years ago

kristapsdz commented 7 years ago

Easy pickings. Doing mdnsd is much harder because it setsockopts in a way that can't be done within a pledge.

mdnsctl-pledge.diff.txt

haesbaert commented 7 years ago

Hey thanks, sorry for the delay, I'll merge and do some tests this week, a new release is in order.

kristapsdz commented 7 years ago

Let me see if I can pledge mdnsd, too. The setsockopt code will need to be moved somehow because there's no pledge that allows for it, so any pledging will wait for that. Maybe it can be put into a coprocess.

kristapsdz commented 7 years ago

Ok, an update. In short, you can't pledge(2) mdnsd. In send_packet(), it invokes if_set_mcast() (conditionally), which uses setsockopt(2) in such a way that it always trips pledge(2). In the manpage:

setsockopt(2) has been reduced in functionality substantially.

Since this is a pretty fundamental part of the system, and since send_packet is invoked all the time, the only way to play nice with pledge(2) would be to completely change it so that the packet-sending is in a different (un-pledged) subprocess from the other.
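The split proposed in the comment above, as an added sketch (not code from mdnsd or from either commenter): an unpledged helper keeps the UDP socket and the multicast setsockopt(2), while the caller pledges and only hands packets over a socketpair. The names `sender_loop` and `privsep_send`, the `"stdio"` promise set and the 127.0.0.1 interface address are assumptions for illustration.

```c
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>

/* Unpledged helper: owns the UDP socket and the multicast setsockopt(2).
 * Send errors are not reported back in this sketch. */
static void sender_loop(int chan)
{
	char buf[512];
	ssize_t n;
	struct in_addr ifaddr;
	struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(5353) };
	int udp = socket(AF_INET, SOCK_DGRAM, 0);
	inet_pton(AF_INET, "224.0.0.251", &dst.sin_addr);	/* mDNS group */
	inet_pton(AF_INET, "127.0.0.1", &ifaddr);	/* assumed interface address */
	while ((n = read(chan, buf, sizeof(buf))) > 0) {
		(void)setsockopt(udp, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, sizeof(ifaddr));
		(void)sendto(udp, buf, (size_t)n, 0, (struct sockaddr *)&dst, sizeof(dst));
		if (write(chan, &n, sizeof(n)) == -1)	/* ack = bytes received */
			break;
	}
	_exit(0);
}

/* Pledged side: pass one packet to the helper; returns acked length or -1. */
ssize_t privsep_send(const void *pkt, size_t len)
{
	int sv[2];
	ssize_t acked = -1;
	pid_t pid;
	/* SOCK_SEQPACKET keeps packet boundaries and gives the helper EOF on close. */
	if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) == -1 || (pid = fork()) == -1)
		return -1;
	if (pid == 0) {
		close(sv[0]);
		sender_loop(sv[1]);	/* never returns */
	}
	close(sv[1]);
#ifdef __OpenBSD__
	if (pledge("stdio", NULL) == -1)	/* promise set is an assumption */
		return -1;
#endif
	if (write(sv[0], pkt, len) != (ssize_t)len ||
	    read(sv[0], &acked, sizeof(acked)) != (ssize_t)sizeof(acked))
		acked = -1;
	close(sv[0]);
	waitpid(pid, NULL, 0);
	return acked;
}
```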

haesbaert commented 7 years ago

Can you do a pull request for the mdnsctl diff?

On the mdnsd front, yeah that seems a bit complex, I'm not sure the added complexity is desirable.

kristapsdz commented 7 years ago

I'll try to figure out the pull request stuff. (I'm a cranky CVS user.)

haesbaert commented 7 years ago

Embrace the future dear brother :=)

kristapsdz commented 7 years ago

This is now a pull request.