From 17e07d80bb91b2e8714f9d8aacf66f1b6128500a Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sat, 7 Jul 2018 20:50:44 +0200
Subject: [PATCH] Fix pledge() usage

---
 dnscrypt-proxy/pledge_openbsd.go   | 11 ++++++++---
 dnscrypt-proxy/pledge_others.go    |  4 ++++
 dnscrypt-proxy/privilege_others.go |  1 +
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/dnscrypt-proxy/pledge_openbsd.go b/dnscrypt-proxy/pledge_openbsd.go
index 4b593fb0..6c5ea2ea 100644
--- a/dnscrypt-proxy/pledge_openbsd.go
+++ b/dnscrypt-proxy/pledge_openbsd.go
@@ -2,9 +2,14 @@
 
 package main
 
-import "golang.org/x/sys/unix"
+import (
+	"golang.org/x/sys/unix"
+)
 
 func Pledge() {
-	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id",
-		"stdio rpath wpath cpath tmppath inet fattr flock dns recvfd")
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id", nil)
+}
+
+func PledgeChild() {
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns recvfd", nil)
 }
diff --git a/dnscrypt-proxy/pledge_others.go b/dnscrypt-proxy/pledge_others.go
index 4b791db0..59178a68 100644
--- a/dnscrypt-proxy/pledge_others.go
+++ b/dnscrypt-proxy/pledge_others.go
@@ -5,3 +5,7 @@ package main
 func Pledge() {
 
 }
+
+func PledgeChild() {
+
+}
diff --git a/dnscrypt-proxy/privilege_others.go b/dnscrypt-proxy/privilege_others.go
index 9779de5f..58725582 100644
--- a/dnscrypt-proxy/privilege_others.go
+++ b/dnscrypt-proxy/privilege_others.go
@@ -39,6 +39,7 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	}
 
 	SystemDNotify()
+	PledgeChild()
 
 	args = args[1:]
 	args = append(args, "-child")