Stefan Sperling <stsp@stsp.name> wrote:
> Technically, gotwebd should be using the "unix" pledge in order to
> handle connections on unix sockets. It we could get away with just
> the "inet" pledge but it seems better to separate them out.
> 
> ok?

ok op@

i'd like to clean up the SOCKS_BACKLOG vs SOMAXCONN too after this


diffstat /home/op/w/got
 M  gotwebd/sockets.c  |  11+  20-

1 file changed, 11 insertions(+), 20 deletions(-)

diff /home/op/w/got
path + /home/op/w/got
commit - ae9d13c3e2774797efec98cb2e8e10db123d243b
blob - b373edd0a2bad606b051be8861986cf623240b6a
file + gotwebd/sockets.c
--- gotwebd/sockets.c
+++ gotwebd/sockets.c
@@ -196,6 +196,7 @@ static void
 sockets_launch(struct gotwebd *env)
 {
 	struct socket *sock;
+	const char *sockname;
 	int have_unix = 0, have_inet = 0;
 	int i;
 
@@ -203,30 +204,20 @@ sockets_launch(struct gotwebd *env)
 		fatal("gotweb process not connected");
 
 	TAILQ_FOREACH(sock, &gotwebd_env->sockets, entry) {
-		log_info("%s: configuring socket %d (%d)", __func__,
-		    sock->conf.id, sock->fd);
-
-		switch (sock->conf.af_type) {
-		case AF_UNIX:
-			if (listen(sock->fd, SOCKS_BACKLOG) == -1) {
-				fatal("cannot listen on %s",
-				    sock->conf.unix_socket_name);
-			}
+		if (sock->conf.af_type == AF_UNIX) {
 			have_unix = 1;
-			break;
-		case AF_INET:
-		case AF_INET6:
-			if (listen(sock->fd, SOMAXCONN) == -1) {
-				fatal("cannot listen on %s",
-				    sock->conf.addr.ifname);
-			}
+			sockname = sock->conf.unix_socket_name;
+		} else {
 			have_inet = 1;
-			break;
-		default:
-			fatalx("unsupported address family type %d",
-			    sock->conf.af_type);
+			sockname = sock->conf.addr.ifname;
 		}
 
+		log_info("%s: configuring socket %s %d (%d)", __func__,
+		    sockname, sock->conf.id, sock->fd);
+
+		if (listen(sock->fd, SOCKS_BACKLOG) == -1)
+			fatal("cannot listen on %s", sockname);
+
 		event_set(&sock->ev, sock->fd, EV_READ | EV_PERSIST,
 		    sockets_socket_accept, sock);