summary refs log tree commit diff
diff options
context:
space:
mode:
authorKlemens Nanni <klemens@posteo.de>2021-06-29 15:34:03 +0200
committerJune McEnroe <june@causal.agency>2021-07-13 15:21:57 -0400
commitae332f6e8d26487ba4556283dcde2bf96da76467 (patch)
treebff82b817567a824ca3e644abed9b3c36388ffe6
parentExplicitly clear TLS secrets afer handshake (diff)
downloadcatgirl-ae332f6e8d26487ba4556283dcde2bf96da76467.tar.gz
catgirl-ae332f6e8d26487ba4556283dcde2bf96da76467.zip
Perform TLS handshake after final pledge
ircConnect() yields a connected TCP socket after which "inet dns" is
no longer needed.

Possibly having loaded private key material, it seems a tad more
comforting to speak TLS *after* dropping any network capabilities
(except for socket read/write to the IRC host, of course).

Instead of moving the final pledge into irc.c:ircConnect() and thus
complicating the code around pledge across two C modules, simply
stub out an mnemonic ircHandshake() and call that explicitly.

This restores behaviour gained with
981ebc4 "Remove explicit tls_handshake(3) from ircConnect" which
was reverted for other reasons.
-rw-r--r--chat.c1
-rw-r--r--chat.h1
-rw-r--r--irc.c8
3 files changed, 8 insertions, 2 deletions
diff --git a/chat.c b/chat.c
index f300315..058950f 100644
--- a/chat.c
+++ b/chat.c
@@ -345,6 +345,7 @@ int main(int argc, char *argv[]) {
 	}
 #endif
 
+	ircHandshake();
 	if (pass) {
 		ircFormat("PASS :");
 		ircSend(pass, strlen(pass));
diff --git a/chat.h b/chat.h
index 9ad298f..c247dd7 100644
--- a/chat.h
+++ b/chat.h
@@ -235,6 +235,7 @@ void ircConfig(
 	bool insecure, const char *trust, const char *cert, const char *priv
 );
 int ircConnect(const char *bind, const char *host, const char *port);
+void ircHandshake(void);
 void ircPrintCert(void);
 void ircRecv(void);
 void ircSend(const char *ptr, size_t len);
diff --git a/irc.c b/irc.c
index c308e46..e1e5bf9 100644
--- a/irc.c
+++ b/irc.c
@@ -104,7 +104,6 @@ void ircConfig(
 
 	error = tls_configure(client, config);
 	if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(client));
-	tls_config_free(config);
 }
 
 int ircConnect(const char *bindHost, const char *host, const char *port) {
@@ -163,17 +162,22 @@ int ircConnect(const char *bindHost, const char *host, const char *port) {
 	error = tls_connect_socket(client, sock, host);
 	if (error) errx(EX_PROTOCOL, "tls_connect: %s", tls_error(client));
 
+	return sock;
+}
+
+void ircHandshake(void) {
+	int error;
 	do {
 		error = tls_handshake(client);
 	} while (error == TLS_WANT_POLLIN || error == TLS_WANT_POLLOUT);
 	if (error) errx(EX_PROTOCOL, "tls_handshake: %s", tls_error(client));
 
 	tls_config_clear_keys(config);
-	return sock;
 }
 
 void ircPrintCert(void) {
 	size_t len;
+	ircHandshake();
 	const byte *pem = tls_peer_cert_chain_pem(client, &len);
 	printf("subject= %s\n", tls_peer_cert_subject(client));
 	fwrite(pem, len, 1, stdout);