Security funcs should always succeed on non-OpenBSD - gout

commit 343d8bbbaa30c9acf9862d231103ef65b5840ee6
parent 80ac051dd10bb13b189f700f0361bcfe80a80eb4
Author: Chris Bracken <chris@bracken.jp>
Date:   Mon, 17 Nov 2025 18:37:26 +0900

Security funcs should always succeed on non-OpenBSD

This fixes two issues:
* pledge/unveil should return -1 on failure, not 1.
* unveil(NULL, NULL) must be call to lock the filesystem restrictions,
  so this needs to succeed with null inputs regardless.

The locking unveil call will be added in a followup patch.

Diffstat:
M security.c  | 8 ++++++--

1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/security.c b/security.c
@@ -6,10 +6,14 @@
 #include <unistd.h>
 #else
 static int unveil(const char* path, const char* permissions) {
-  return (path && permissions) ? 0 : 1;
+  (void)path;
+  (void)permissions;
+  return 0;
 }
 static int pledge(const char* promises, const char* execpromises) {
-  return (promises && execpromises) ? 0 : 1;
+  (void)promises;
+  (void)execpromises;
+  return 0;
 }
 #endif  // __OpenBSD__

	gout A static git page generator
	git clone https://git.bracken.jp/gout.git
	Log \| Files \| Refs \| README \| LICENSE