path: root/chat.c
Age | Commit message | Author
2021-06-10 | OpenBSD: Remove now obsolete unveil code | Klemens Nanni
Previous tls_default_ca_cert_file(3) hoisting makes this possible: all TLS related files are fully loaded into memory by ircConfig() such that ircConnect() will not do any file I/O. Call ircConfig() before pledge(2) in the `-o' "print cert" case so this works out -- that order should have been preserved in the previous a989e15 "OpenBSD: hoist -o/printCert code to simplify" but fixing it now nicely demonstrates the achievement even more so.
2021-06-09 | Replace catf with seprintf | C. McEnroe
2021-06-09 | OpenBSD: pledge minimum promises from the start | Klemens Nanni
catgirl needs:
- "stdio tty" at all times
- "rpath inet dns" once at startup for terminfo(5) and ssl(8)
- "proc exec" iff -R/restrict options is disabled
- "rpath wpath cpath" iff -s/save or -l/log options is enabled

Status quo: catgirl starts with the superset of all possible promises "stdio rpath wpath cpath inet dns tty proc exec", drops offline with "stdio rpath wpath cpath tty proc exec" and possibly drops to either of "stdio rpath wpath cpath tty", "stdio tty proc exec" or "stdio tty" depending on the options used.

Such step-by-step reduction is straightforward and easy to model along the process runtime, but it comes with the drawback of starting with too broad promises right from the beginning, i.e. `catgirl -R -h host' is able to execute code and write to filesystems even though it must never do so according to the (un)used options.

Lay out required promises up front and pledge in two stages:
1. initial setup, i.e. fixed "stdio tty" plus temporary "rpath inet dns" plus potential "rpath wpath cpath" plus potential "proc exec"
2. final runtime, i.e. fixed "stdio tty" plus potential "rpath wpath cpath" plus potential "proc exec"

This way the above mentioned usage example can never execute or write files, hence less potential for bugs and more accurate modelling of catgirl's runtime -- dropping "inet dns" alone in between also becomes obsolete with this approach.
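The two-stage scheme from the commit message above, sketched as an added example (not catgirl's own code and not part of the commit). The `Opts` fields and the function names are assumptions; pledge(2) is only called when built on OpenBSD, elsewhere the promise strings are just printed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#ifdef __OpenBSD__
#include <unistd.h>
#endif

// Hypothetical option set; field names are assumptions, not catgirl's own.
struct Opts { bool restricted, save, log; };
enum Stage { StageSetup, StageRuntime };

// Append a space-separated group of promises when its condition holds.
static void add(char *buf, size_t cap, bool on, const char *promises) {
	size_t len = strlen(buf);
	if (on) snprintf(buf + len, cap - len, " %s", promises);
}

// Build the promise string for one stage from the options in use.
static const char *stagePromises(
	char *buf, size_t cap, struct Opts o, enum Stage s
) {
	bool setup = (s == StageSetup), files = (o.save || o.log);
	snprintf(buf, cap, "stdio tty");        // needed at all times
	add(buf, cap, setup || files, "rpath"); // startup reads, or save/log
	add(buf, cap, files, "wpath cpath");    // only with save or log
	add(buf, cap, setup, "inet dns");       // temporary, setup stage only
	add(buf, cap, !o.restricted, "proc exec");
	return buf;
}

// Enter a stage: pledge(2) on OpenBSD, print-only elsewhere.
static int enterStage(struct Opts o, enum Stage s) {
	char buf[64];
	stagePromises(buf, sizeof(buf), o, s);
	printf("%s: %s\n", s == StageSetup ? "setup" : "runtime", buf);
#ifdef __OpenBSD__
	return pledge(buf, NULL);
#else
	return 0;
#endif
}

int main(void) {
	struct Opts o = { .restricted = true }; // like `catgirl -R -h host`
	if (enterStage(o, StageSetup)) return 1;
	// ... load TLS config, connect, initialise the UI ...
	return enterStage(o, StageRuntime) ? 1 : 0;
}
```

With the restricted options, neither stage ever holds "proc exec" or "wpath cpath", which is the property the commit message is after.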
2021-06-09 | OpenBSD: unveil after ncurses(3) init to support TERMINFO | Klemens Nanni
initscr(3) in uiInitEarly() attempts more than /usr/share/terminfo/, see `mandoc -O tag=TERMINFO ncurses`. Even though non-default terminfo handling seems rare and it is unlikely to have ever caused a problem for catgirl users on OpenBSD, the current is still wrong by oversimplifying it. Avoid the entire curses/unveil clash by setting up the screen before unveiling.
2021-06-09 | OpenBSD: hoist -o/printCert code to simplify | Klemens Nanni
Nothing but the TLS handshake is required, so skip all other setup. On OpenBSD, unveil() handling needs fixing which will involve code reshuffling -- this is the first related but standalone step. Also pledge this one-off code path individually with simpler and tighter promises while here.
2021-06-06 | Pad kiosk username with zero, not space | C. McEnroe
Oops!
2021-06-06 | OpenBSD: unveil XDG directories only when needed | Klemens Nanni
The (not perfectly obvious) way catgirl crafts directories gets triggered by unveilAll() even if no passed option requires filesystem access:

    $ env -i TERM=xterm ./catgirl -h irc.hackint.eu -R -n nobody
    catgirl: HOME unset

Here unveil(2) is used due to the "restrict" option, but besides terminfo(5) and certificates catgirl does not need any other files, yet it tries to init the data path -- passing XDG_DATA_HOME=/var/empty makes above invocation work showing how the then successful path setup is not required. Fix this by not unveiling the unneeded data path in the first place.
2021-05-27 | Hash the username in kiosk mode | C. McEnroe
So that the first part of $SSH_CLIENT can be passed as username.
2021-03-08 | Disable nick and channel colors with hash bound 0 | C. McEnroe
2021-02-25 | Error if hash bound is less than 2 | C. McEnroe
Bad things happen otherwise.
2021-01-27 | Change default timestamp format to %X | C. McEnroe
This respects the user's locale settings.
2021-01-27 | Add toggleable display of timestamps | C. McEnroe
2021-01-23 | Drop filesystem access iff possible | Klemens Nanni
Log files and state save/restore both require read/write access to the filesystem, both during start and exit. If neither feature is used, catgirl may run with "stdio tty".
2021-01-23 | Drop exec capability iff restricted | Klemens Nanni
Nothing must be executed when running /copy, et al.
2021-01-23 | Drop network capability after ircConnect() | Klemens Nanni
catgirl has no reconnect feature and generally must not do anything but read/write from/to the connected socket which does not require "inet" or "dns" promises.
2021-01-23 | Call pledge(2) after unveil(2) | Klemens Nanni
Simplify logic, be more idiomatic and finalize by pledging after all unveiling is done by omitting the "unveil" promise and thereby not allowing further calls to it.
2021-01-23 | Separate kiosk mode from restrict mode | C. McEnroe
Restrict mode will focus on sandboxing, while kiosk will continue to restrict IRC access through a public kiosk. Kiosk mode without restrict mode allows execution of man 1 catgirl with /help, assuming external sandboxing. The /list and /part commands are also added to the list of disabled commands in kiosk mode, since they are pointless without access to /join.
2021-01-16 | Add -I highlight option and /highlight | C. McEnroe
2021-01-16 | Rename ignore code to filter | C. McEnroe
2021-01-10 | Sandbox with unveil(2) on OpenBSD in restricted mode | C. McEnroe
I wrote all this in vi and it was nice.
2021-01-10 | Print chain to stdout with -o | C. McEnroe
2021-01-10 | Exit immediately when using -o | C. McEnroe
2021-01-09 | Add -o and -t options to trust self-signed certificates | C. McEnroe
2021-01-09 | Allow configuring the upper bound of the hash function | C. McEnroe
This allows limiting the nick colors used to the 16-color terminal set without modifying the TERM environment variable. Produces different results from just using the default configuration in a 16-color terminal, but what can you do?
2021-01-06 | Sandbox with pledge(2) on OpenBSD | C. McEnroe
2020-11-24 | Split /exec lines by \r as well as \n | C. McEnroe
This fixes local rendering of /exec toilet --irc, which outputs \r\n line endings.
2020-10-12 | Avoid eating C-c while connecting | C. McEnroe
Split UI initialization into two steps either side of the call to connect, so that C-c works as interrupt while it's blocked.
2020-08-20 | Use configPath to load TLS cert/priv | C. McEnroe
2020-08-04 | Say "OpenSSL" in additional permission notices | C. McEnroe
LibreSSL is "a modified version of that library".
2020-06-24 | Bump ParamCap to 254 | C. McEnroe
Apparently IRCds have decided that the 15-parameter limit doesn't matter anymore. 254 is the maximum number of single-byte parameters (following a single-byte command) which fit in a 512-byte CR-LF-terminated line. When everyone decides that the 512-byte line length limit doesn't matter either, I will delete my software and people can use some JavaScript garbage instead. This makes struct Message 2080 bytes, but there's only ever one or two of them around at once. Avoid passing it by value to handle.
2020-06-08 | Add additional permission for linking with LibreSSL | C. McEnroe
https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
2020-05-18 | Revert "Send blank line after 10 minutes idle" | C. McEnroe
This reverts commit 1d5c4a5e346f0a295818441eb37697be283130ec. This is fixed instead by pounce using TCP keepalive.
2020-04-02 | Use a for loop for getopt | C. McEnroe
2020-04-02 | Generate short option string with a loop | C. McEnroe
Also change the way option structs are initialized so that the array sorts the same way as the switch statement.
2020-03-31 | Add /ignore message filtering patterns | C. McEnroe
2020-03-30 | Replace some declaration; while loops with for loops | C. McEnroe
I should have been using this for getopt loops already but the call here is slightly too long to fit on one line as a for loop.
2020-03-30 | Add text macros | C. McEnroe
2020-03-25 | Add logging functions | C. McEnroe
The mkdir dance is a bit awkward...
2020-03-23 | Assume worst case for unknown user and host in splitMessage | C. McEnroe
The default USERLEN of 9 doesn't have a great source, the RFC only says that nicks are length 9, so my assumption is that usernames are not longer.
2020-03-17 | Send blank line after 10 minutes idle | C. McEnroe
Without this, I was having catgirl "time out" from pounce's POV, but without catgirl noticing anything... I still don't understand this. Been using this fix for a couple weeks though and it stopped happening, and it's otherwise harmless, but yikes.
2020-02-16 | Various small cleanups | C. McEnroe
Haven't really gone through ui.c yet.
2020-02-15 | Set defaults for various types of modes | C. McEnroe
These are actually from RFC 1459, since that seems to be the more likely lowest common denominator, so I should maybe it it to STANDARDS (along with ircdocs' section on ISUPPORT). RFC 2812 has a lot of stuff that isn't currently used.
2020-02-15 | Replace small integers in size_t with uint | C. McEnroe
2020-02-15 | Separate network info from self | C. McEnroe
2020-02-13 | Add /exec | C. McEnroe
2020-02-13 | Rename procPipe to utilPipe | C. McEnroe
2020-02-13 | Add -g for generating certificates | C. McEnroe
Copied from pounce.
2020-02-13 | Explicitly close the TLS connection | C. McEnroe
Just to be nice.
2020-02-12 | Add -N flag for notifications | C. McEnroe
2020-02-13 | Implement source address selection | multiplexd
This commit adds a '-S' command line option and a "bind" configuration file option to specify the source address to bind to when connecting to the IRC server.