commit - daf3253b980101230a6ba436cd7c439c8d2ae3fc
commit + 0f26145c0840360390ad82833441c733f8d8ac86
blob - 6f8b7764e54899a504b1fd816914e883ae74ec93
blob + 1e17ad4640e7d2b633c07bdcb91a07b30cc76fab
--- main.c
+++ main.c
@@ -183,7 +183,11 @@ main(int argc, char *argv[])
 	if ((hash_md = EVP_get_digestbyname(hashalg)) == NULL)
 		fatalx("Can't find hash: %s", hashalg);
 
-	if (pledge("tmppath stdio", NULL) == -1)
+	/*
+	 * fattr required for tmpfile.
+	 * Can hopefully be removed in the future
+	 */
+	if (pledge("fattr tmppath stdio", NULL) == -1)
 		fatal("pledge");
 
 	if (domain == NULL || selector == NULL || pkey == NULL)
@@ -343,23 +347,15 @@ dkim_session_new(uint64_t reqid)
 {
 	struct dkim_session *session;
 	struct dkim_signature *signature;
-	char origfile[] = "/tmp/filter-dkimXXXXXX";
-	int fd;
 
 	if ((session = calloc(1, sizeof(*session))) == NULL)
 		fatal(NULL);
 
 	session->reqid = reqid;
-	if ((fd = mkstemp(origfile)) == -1) {
+	if ((session->origf = tmpfile()) == NULL) {
 		dkim_err(session, "Can't open tempfile");
 		return NULL;
 	}
-	if (unlink(origfile) == -1)
-		log_warn("Failed to unlink tempfile %s", origfile);
-	if ((session->origf = fdopen(fd, "r+")) == NULL) {
-		dkim_err(session, "Can't open tempfile");
-		return NULL;
-	}
 	session->parsing_headers = 1;
 
 	session->body_whitelines = 0;