Nothing but the TLS handshake is required, so skip all other setup.
On OpenBSD, unveil() handling needs fixing which will involve code
reshuffling -- this is the first related but standalone step.
Also pledge this one-off code path individually such with simpler and
tighter promises while here.
---
chat.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/chat.c b/chat.c
index b3990f3..b62840f 100644
--- a/chat.c
+++ b/chat.c
@@ -266,6 +266,19 @@ int main(int argc, char *argv[]) {
}
if (!host) errx(EX_USAGE, "host required");
+ if (printCert) {
+#ifdef __OpenBSD__
+ unveilAll(trust, cert, priv);
+ int error = pledge("stdio rpath inet dns", NULL);
+ if (error) err(EX_OSERR, "pledge");
+#endif
+ ircConfig(insecure, trust, cert, priv);
+ ircConnect(bind, host, port);
+ ircPrintCert();
+ ircClose();
+ return EX_OK;
+ }
+
if (!nick) nick = getenv("USER");
if (!nick) errx(EX_CONFIG, "USER unset");
if (!user) user = nick;
@@ -300,12 +313,6 @@ int main(int argc, char *argv[]) {
#endif
ircConfig(insecure, trust, cert, priv);
- if (printCert) {
- ircConnect(bind, host, port);
- ircPrintCert();
- ircClose();
- return EX_OK;
- }
uiInitEarly();
if (save) {
--
2.32.0
3 replies
initscr(3) in uiInitEarly() attempts more than /usr/share/terminfo/, see
`mandoc -O tag=TERMINFO ncurses`.
Even though non-default terminfo handling seems rare and it is unlikely
to have ever caused a problem for catgirl users on OpenBSD, the current
is still wrong by oversimplifying it.
Avoid the entire curses/unveil clash by setting up the screen before
unveiling.
---
chat.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/chat.c b/chat.c
index b62840f..19ca3d3 100644
--- a/chat.c
+++ b/chat.c
@@ -157,7 +157,6 @@ static void unveilAll(const char *trust, const char *cert, const char *priv) {
const char *path;
const char *perm;
} paths[] = {
- { "/usr/share/terminfo", "r" },
{ tls_default_ca_cert_file(), "r" },
};
for (size_t i = 0; i < ARRAY_LEN(paths); ++i) {
@@ -306,15 +305,16 @@ int main(int argc, char *argv[]) {
editCompleteAdd();
commandCompleteAdd();
+ ircConfig(insecure, trust, cert, priv);
+
+ uiInitEarly();
+
#ifdef __OpenBSD__
if (self.restricted) unveilAll(trust, cert, priv);
int error = pledge("stdio rpath wpath cpath inet dns tty proc exec", NULL);
if (error) err(EX_OSERR, "pledge");
#endif
- ircConfig(insecure, trust, cert, priv);
-
- uiInitEarly();
if (save) {
uiLoad(save);
atexit(exitSave);
--
2.32.0
If we move ircConfig() before unveil as well, then I don't think
we need to unveil the trust/cert/priv paths, possibly not
tls_default_ca_cert_file() either? That would leave save/log as the
only paths to unveil.
On Tue, Jun 08, 2021 at 09:04:23AM -0400, june wrote:
> If we move ircConfig() before unveil as well, then I don't think
> we need to unveil the trust/cert/priv paths, possibly not
> tls_default_ca_cert_file() either? That would leave save/log as the
> only paths to unveil.
tls_connect(3) reads tls_default_ca_cert_file(3), so no.
But there might be a way to load certificates earlier and do that;
it is on my todo list, but that would be yet another commit anyway.