summary refs log tree commit diff
diff options
context:
space:
mode:
authorKlemens Nanni2021-06-30 02:24:30 +0000
committerC. McEnroe2021-07-13 15:16:22 -0400
commit9559fe9d23351f0952f47a83ddae9d18b45b8406 (patch)
tree0c41298db14ba635025c22e83822391455c9a80d
parent320aeaf4354f25264646c866226755732a968cca (diff)
Make -o/printCert not load any files, pledge even earlier
No point in trying to load a self-signed server certificate which we
are about to get from the server in the first place.

No need to read client certificate/key files when all we want is the
server certificate:  in TLS the server always sends its certificate
before the client replies with any key material, i.e. catgirl sending
client data is useless.

catgirl(1) synopsis also notes how these options are irrelevant in the
-o/printCert case.

As a result, ircConfig() no longer requires any filesystem I/O in this
case, so hoist the purely network I/O related pledge() call to enforce
this -- more secure, self-documenting code!
-rw-r--r--chat.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/chat.c b/chat.c
index ab0678a..7bd68e0 100644
--- a/chat.c
+++ b/chat.c
@@ -220,7 +220,7 @@ int main(int argc, char *argv[]) {
 			break; case 'l': log = true; logOpen();
 			break; case 'm': self.mode = optarg;
 			break; case 'n': nick = optarg;
-			break; case 'o': insecure = true; printCert = true;
+			break; case 'o': printCert = true;
 			break; case 'p': port = optarg;
 			break; case 'r': real = optarg;
 			break; case 's': save = optarg;
@@ -234,11 +234,11 @@ int main(int argc, char *argv[]) {
 	if (!host) errx(EX_USAGE, "host required");
 
 	if (printCert) {
-		ircConfig(insecure, trust, cert, priv);
 #ifdef __OpenBSD__
 		int error = pledge("stdio inet dns", NULL);
 		if (error) err(EX_OSERR, "pledge");
 #endif
+		ircConfig(true, NULL, NULL, NULL);
 		ircConnect(bind, host, port);
 		ircPrintCert();
 		ircClose();