No point in loading a private key without a public one: TLS needs both
and libtls will fail if the public key is missing.
Make this clear for users, catch it early to avoid ugly errors.
---
catgirl.1 | 2 ++
chat.c | 1 +
2 files changed, 3 insertions(+)
diff --git a/catgirl.1 b/catgirl.1
index 24934cf..8079445 100644
--- a/catgirl.1
+++ b/catgirl.1
@@ -283,6 +283,8 @@ The
.Ar path
is searched for in the same manner
as configuration files.
+Requires
+.Fl c .
.
.It Fl l | Cm log
Log chat events to files in paths
diff --git a/chat.c b/chat.c
index b7562f6..1eac024 100644
--- a/chat.c
+++ b/chat.c
@@ -232,6 +232,7 @@ int main(int argc, char *argv[]) {
}
}
if (!host) errx(EX_USAGE, "host required");
+ if (priv && !cert) errx(EX_USAGE, "-k requires -c");
if (printCert) {
ircConfig(insecure, trust, cert, priv);
--
2.32.0
No need to read client certificate/key files when all we want is
the server certificate; no point in trying to load the file we
are trying to get in the first place.
catgirl(1) synopsis also notes how these options are irrelevant
in the -o/printCert case.
---
chat.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/chat.c b/chat.c
index 1eac024..49c5865 100644
--- a/chat.c
+++ b/chat.c
@@ -235,6 +235,7 @@ int main(int argc, char *argv[]) {
if (priv && !cert) errx(EX_USAGE, "-k requires -c");
if (printCert) {
+ trust = cert = priv = NULL; // skip loading unneeded material
ircConfig(insecure, trust, cert, priv);
#ifdef __OpenBSD__
int error = pledge("stdio inet dns", NULL);
--
2.32.0
I had another patch after that but decided to merge it into 2/2...
after sending it, so here is the updated 2/2 - sorry for the noise.
-- >8 --
No point in trying to load a self-signed server certificate which we
are about to get from the server in the first place.
No need to read client certificate/key files when all we want is the
server certificate: in TLS the server always sends its certificate
before the client replies with any key material, i.e. catgirl sending
client data is useless.
catgirl(1) synopsis also notes how these options are irrelevant in the
-o/printCert case.
As a result, ircConfig() no longer requires any filesystem I/O in this
case, so hoist the purely network I/O related pledge() call to enforce
this -- more secure, self-documenting code!
---
chat.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/chat.c b/chat.c
index 1eac024..6515d45 100644
--- a/chat.c
+++ b/chat.c
@@ -235,11 +235,12 @@ int main(int argc, char *argv[]) {
if (priv && !cert) errx(EX_USAGE, "-k requires -c");
if (printCert) {
- ircConfig(insecure, trust, cert, priv);
#ifdef __OpenBSD__
int error = pledge("stdio inet dns", NULL);
if (error) err(EX_OSERR, "pledge");
#endif
+ trust = cert = priv = NULL; // skip loading unneeded material
+ ircConfig(insecure, trust, cert, priv);
ircConnect(bind, host, port);
ircHandshake();
ircPrintCert();
--
2.32.0