Merge pull request #735 from trasz/capsicum

Add Capsicum support
ailin-nemui committed Sep 10, 2017
2 parents be70fa5 + b529e1a commit 24ad80177b10093544ec07a5d6b3ed4b1bfc6fb8
@@ -166,6 +166,15 @@ AC_ARG_ENABLE(gregex,
fi,
want_gregex=yes)

AC_ARG_WITH(capsicum,
[ --with-capsicum Build with Capsicum support],
if test x$withval = xno; then
want_capsicum=no
else
want_capsicum=yes
fi,
want_capsicum=yes)

dnl **
dnl ** just some generic stuff...
dnl **
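Review bot: the help string in AC_ARG_WITH(capsicum, ...) advertises --with-capsicum, but the fallback argument already sets want_capsicum=yes, so the switch a user actually needs to know about is --without-capsicum. Suggest wording the help as "--without-capsicum  Build without Capsicum support" or appending "(default: yes)". Also quote the operand in `test x$withval = xno` as `test "x$withval" = "xno"`, matching the quoted form the later check uses (`test "x$want_capsicum" = "xyes"`).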
@@ -499,12 +508,30 @@ if test "$want_perl" != "no"; then
fi
fi

dnl **
dnl ** check for capsicum
dnl **

if test "x$want_capsicum" = "xyes"; then
AC_CHECK_LIB(c, cap_enter, [
AC_CHECK_LIB(nv, nvlist_create, [
AC_DEFINE(HAVE_CAPSICUM,, Build with Capsicum support)
LIBS="$LIBS -lnv"
], [
want_capsicum="no, nvlist_create not found"
])
], [
want_capsicum="no, cap_enter not found"
])
fi

dnl ** check what we want to build
AM_CONDITIONAL(BUILD_TEXTUI, test "$want_textui" = "yes")
AM_CONDITIONAL(BUILD_IRSSIBOT, test "$want_irssibot" = "yes")
AM_CONDITIONAL(BUILD_IRSSIFUZZER, test "$want_irssifuzzer" = "yes")
AM_CONDITIONAL(BUILD_IRSSIPROXY, test "$want_irssiproxy" = "yes")
AM_CONDITIONAL(HAVE_PERL, test "$want_perl" != "no")
AM_CONDITIONAL(HAVE_CAPSICUM, test "x$want_capsicum" = "xyes")
AM_CONDITIONAL(USE_GREGEX, test "x$want_gregex" = "xyes")

# move LIBS to PROG_LIBS so they're not tried to be used when linking eg. perl libraries
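Review bot: in the nested AC_CHECK_LIB block, a missing cap_enter or nvlist_create only rewrites want_capsicum to "no, ... not found" and configure carries on, so a build where the user asked for the sandbox can come out without it, and the only sign is one line in the final summary. Because the default and an explicit --with-capsicum both arrive here as want_capsicum=yes, the check cannot tell them apart; consider recording the explicit request in a separate variable and calling AC_MSG_ERROR in that case, keeping the quiet fallback for the default only. Minor: `AC_DEFINE(HAVE_CAPSICUM,, Build with Capsicum support)` defines the macro with an empty value, which works with #ifdef but breaks `#if HAVE_CAPSICUM`; passing 1 as the value avoids that.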
@@ -713,6 +740,7 @@ echo
echo "Building with 64bit DCC support .. : $offt_64bit"
echo "Building with true color support.. : $want_truecolor"
echo "Building with GRegex ............. : $want_gregex"
echo "Building with Capsicum ........... : $want_capsicum"

echo
echo "If there are any problems, read the INSTALL file."
@@ -2,6 +2,7 @@ man_MANS = \
irssi.1

doc_DATA = \
capsicum.txt \
design.txt \
formats.txt \
manual.txt \
@@ -0,0 +1,30 @@
Capsicum is a lightweight OS capability and sandbox framework provided
by FreeBSD. When built with Capsicum support - which is the default under
FreeBSD - Irssi can enter a Capsicum capability mode (a sandbox), greatly
limiting possible consequences of a potential security hole in Irssi
or the libraries it depends on.

To make Irssi enter capability mode on startup, add

capsicum = "yes";

to your ~/.irssi/config and restart the client. Alternatively you can
enter it "by hand", using the "/capsicum enter" command. From the security
point of view it's strongly preferable to use the former method, to avoid
establishing connections without the sandbox protection; the "/capsicum"
command is only intended for experimentation, and in cases where you need
to do something that's not possible in capability mode - run scripts,
for example - before continuing.

There is no way to leave the capability mode, apart from exiting Irssi.
When running in capability mode, there are certain restrictions - Irssi
won't be able to access any files outside the directory pointed to by
capsicum_irclogs_path (which defaults to ~/irclogs/). If you change
the path when already in capability mode it won't be effective until
you restart Irssi. Capability mode also makes it impossible to use
the "/save" command.

Currently there is no way to use custom SSL certificates. As a workaround
you can establish connections and enter the capability mode afterwards
using the "/capsicum enter" command.
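Review bot: the workaround in the last paragraph for custom SSL certificates (connect first, then "/capsicum enter") is the same sequence the second paragraph tells users to avoid, so the text should state explicitly that connection setup then runs outside the sandbox and that this trades away the protection described earlier. The first paragraph's "which is the default under FreeBSD" refers to the build option, while entering capability mode still requires the capsicum = "yes" setting; a reader can take "default" to mean the sandbox is on, so a sentence separating the two would help.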

@@ -56,6 +56,11 @@ libcore_a_SOURCES = \
tls.c \
write-buffer.c

if HAVE_CAPSICUM
libcore_a_SOURCES += \
capsicum.c
endif

structure_headers = \
channel-rec.h \
channel-setup-rec.h \
@@ -69,6 +74,7 @@ structure_headers = \
pkginc_coredir=$(pkgincludedir)/src/core
pkginc_core_HEADERS = \
args.h \
capsicum.h \
channels.h \
channels-setup.h \
commands.h \
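Review bot: capsicum.h is added to pkginc_core_HEADERS unconditionally here, while capsicum.c is only compiled under `if HAVE_CAPSICUM` in the preceding hunk. Please confirm that the header is safe to install and include on builds without Capsicum (for example, that its declarations are guarded by HAVE_CAPSICUM), or make the header entry conditional as well.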
@@ -89,6 +95,7 @@ pkginc_core_HEADERS = \
net-nonblock.h \
net-sendbuffer.h \
network.h \
network-openssl.h \
nick-rec.h \
nicklist.h \
nickmatch-cache.h \
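Review bot: network-openssl.h appears to be the one line this hunk adds to pkginc_core_HEADERS, but neither the commit message ("Add Capsicum support") nor capsicum.txt says why a Capsicum change needs to install it. If the new Capsicum code depends on it, say so in the commit message; if not, it belongs in a separate change.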
