From a989e156a14462a1bb6c78f6ead115ddd04fed8f Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Mon, 7 Jun 2021 23:40:39 +0000 Subject: OpenBSD: hoist -o/printCert code to simplify Nothing but the TLS handshake is required, so skip all other setup. On OpenBSD, unveil() handling needs fixing which will involve code reshuffling -- this is the first related but standalone step. Also pledge this one-off code path individually such with simpler and tighter promises while here. --- chat.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/chat.c b/chat.c index b3990f3..b62840f 100644 --- a/chat.c +++ b/chat.c @@ -266,6 +266,19 @@ int main(int argc, char *argv[]) { } if (!host) errx(EX_USAGE, "host required"); + if (printCert) { +#ifdef __OpenBSD__ + unveilAll(trust, cert, priv); + int error = pledge("stdio rpath inet dns", NULL); + if (error) err(EX_OSERR, "pledge"); +#endif + ircConfig(insecure, trust, cert, priv); + ircConnect(bind, host, port); + ircPrintCert(); + ircClose(); + return EX_OK; + } + if (!nick) nick = getenv("USER"); if (!nick) errx(EX_CONFIG, "USER unset"); if (!user) user = nick; @@ -300,12 +313,6 @@ int main(int argc, char *argv[]) { #endif ircConfig(insecure, trust, cert, priv); - if (printCert) { - ircConnect(bind, host, port); - ircPrintCert(); - ircClose(); - return EX_OK; - } uiInitEarly(); if (save) { -- cgit 1.4.1-2-gfad0