about summary refs log tree commit diff stats
path: root/openbsd
diff options
context:
space:
mode:
Diffstat (limited to 'openbsd')
-rw-r--r--openbsd/__init__.py48
-rw-r--r--openbsd/openbsd_builder.py20
2 files changed, 68 insertions, 0 deletions
diff --git a/openbsd/__init__.py b/openbsd/__init__.py
new file mode 100644
index 0000000..8810370
--- /dev/null
+++ b/openbsd/__init__.py
@@ -0,0 +1,48 @@
+
+import sys
+from cffi import FFI
+from _openbsd import lib as _lib
+
+__all__ = ["pledge", "unveil"]
+
+_ffi = FFI()
+
+
+def pledge(promises=None, execpromises=None):
+    promises = _ffi.NULL if promises is None else _encode(promises)
+    execpromises = _ffi.NULL if execpromises is None else _encode(execpromises)
+    ret = _lib.pledge(promises, execpromises)
+    if ret < 0:
+        errno = _ffi.errno
+        raise OSError(errno, _decode(_ffi.string(_lib.strerror(errno), 256)))
+
+
+def unveil(path=None, permissions=None):
+    path = _ffi.NULL if path is None else _encode(path)
+    permissions = _ffi.NULL if permissions is None else _encode(permissions)
+    ret = _lib.unveil(path, permissions)
+    if ret < 0:
+        errno = _ffi.errno
+        raise OSError(errno, _decode(_ffi.string(_lib.strerror(errno), 256)))
+
+
+if isinstance(b"openbsd", str):
+    # Python 2
+    def _encode(text):
+        if isinstance(text, unicode):
+            return text.encode("ascii")
+        return text
+
+    def _decode(text):
+        return text
+else:
+    # Python 3
+    def _encode(text):
+        if isinstance(text, str):
+            return text.encode("ascii")
+        return text
+
+    def _decode(text):
+        return text.decode("ascii")
+
+
diff --git a/openbsd/openbsd_builder.py b/openbsd/openbsd_builder.py
new file mode 100644
index 0000000..8ca0bc5
--- /dev/null
+++ b/openbsd/openbsd_builder.py
@@ -0,0 +1,20 @@
+
+from cffi import FFI
+ffibuilder = FFI()
+
+ffibuilder.cdef('''
+    int pledge(const char *promises, const char *execpromises);
+    int unveil(const char *path, const char *permissions);
+    char *strerror(int errnum);
+''')
+
+ffibuilder.set_source("_openbsd",
+"""
+    #include <unistd.h>
+    #include <string.h>
+""")
+
+if __name__ == "__main__":
+    ffibuilder.compile(verbose=True)
+
+