Add support for capsicum

svn path=/head/; revision=442808

math/moo/Makefile

@@ -3,6 +3,7 @@
 
 PORTNAME=	moo
 PORTVERSION=	1.5
+PORTREVISION=	1
 CATEGORIES=	math
 
 MAINTAINER=	skreuzer@FreeBSD.org
@@ -16,6 +17,10 @@ GH_TAGNAME=	${PORTVERSION}
 
 PLIST_FILES=	bin/moo man/man1/moo.1.gz
 
+.if exists(/usr/include/sys/capsicum.h)
+CFLAGS+=	-DHAVE_CAPSICUM
+.endif
+
 MAKE_JOBS_UNSAFE=	yes
 
 do-install:

math/moo/files/patch-Makefile

@@ -1,4 +1,4 @@
---- Makefile.orig	2017-06-01 18:24:01 UTC
+--- Makefile.orig	2016-06-04 10:05:27 UTC
 +++ Makefile
 @@ -1,14 +1,14 @@
  PROG=		moo

math/moo/files/patch-moo.y

@@ -1,6 +1,18 @@
 --- moo.y.orig	2016-06-04 10:05:27 UTC
 +++ moo.y
-@@ -34,7 +34,7 @@ static int used_oct;
+@@ -4,6 +4,11 @@
+  * Public domain.
+  */
+ 
++#ifdef HAVE_CAPSICUM
++#include <sys/capsicum.h>
++#include <capsicum_helpers.h>
++#endif
++
+ #include <ctype.h>
+ #include <err.h>
+ #include <errno.h>
+@@ -34,7 +39,7 @@ static int used_oct;
  
  static void		divbyzero(void);
  static void		printnum(int64_t);
@@ -9,17 +21,27 @@
  void			yyerror(char *);
  int			yylex(void);
  int			yyparse(void);
-@@ -317,9 +317,6 @@ main(int argc, char *argv[])
+@@ -315,10 +320,16 @@ getnum(const char *nptr)
+ int
+ main(int argc, char *argv[])
  {
- 	int ch;
+-	int ch;
++#ifdef HAVE_CAPSICUM
++    if (caph_limit_stdio() < 0)
++        err(1, "unable to limit capabilities for stdio");
  
 -	if (pledge("stdio tmppath", NULL) == -1)
 -		err(1, "pledge");
--
++    caph_cache_catpages();
++    if (cap_enter() < 0 && errno != ENOSYS)
++        err(1, "unable to enter capability mode");
++#endif
++
++	int ch;
+ 
  	while ((ch = getopt(argc, argv, "0123456789b:lsuw:")) != -1)
  		switch (ch) {
- 		/*
-@@ -403,9 +400,6 @@ DONEPARSING:
+@@ -403,9 +414,6 @@ DONEPARSING:
  		yyin = sfp;
  	}