authorJune McEnroe <june@causal.agency>2021-01-09 19:11:57 -0500
committerJune McEnroe <june@causal.agency>2021-01-09 19:11:57 -0500
commite42b3aa08e3706ecb87ca76254fbab51cccf3390 (patch)
treeab0232c0962f1f7ca6649ff1b0767b5c2f2ee120 /irc.c
parentAllow configuring the upper bound of the hash function (diff)
Add -o and -t options to trust self-signed certificates
Diffstat (limited to 'irc.c')
-rw-r--r--irc.c29
1 files changed, 28 insertions, 1 deletions
diff --git a/irc.c b/irc.c
index 5acc69f..cbe1808 100644
--- a/irc.c
+++ b/irc.c
@@ -43,7 +43,9 @@
 
 struct tls *client;
 
-void ircConfig(bool insecure, const char *cert, const char *priv) {
+void ircConfig(
+	bool insecure, const char *trust, const char *cert, const char *priv
+) {
 	struct tls_config *config = tls_config_new();
 	if (!config) errx(EX_SOFTWARE, "tls_config_new");
 
@@ -59,6 +61,15 @@ void ircConfig(bool insecure, const char *cert, const char *priv) {
 		tls_config_insecure_noverifycert(config);
 		tls_config_insecure_noverifyname(config);
 	}
+	if (trust) {
+		tls_config_insecure_noverifyname(config);
+		const char *dirs = NULL;
+		for (const char *path; NULL != (path = configPath(&dirs, trust));) {
+			error = tls_config_set_ca_file(config, path);
+			if (!error) break;
+		}
+		if (error) errx(EX_NOINPUT, "%s: %s", trust, tls_config_error(config));
+	}
 
 	if (cert) {
 		const char *dirs = NULL;
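Review bot: The `if (trust)` block switches off hostname checks with `tls_config_insecure_noverifyname` for every trust file, so the only remaining check is that the peer chains to something in that file. That holds up when the file contains just the server's own self-signed certificate, but a file that also includes a shared CA or intermediate would let any certificate issued under it pass for this host. A comment recording the assumption would help, for example `// Name is not verified: the trust file must hold only this server's own certificate.` Separately, `error` is declared outside the hunk, and if `configPath` returns NULL on its first call the loop body never runs and the `errx` check reads an earlier value; that looks worth confirming. ircConfig's body starts before and continues after this hunk.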
@@ -149,6 +160,22 @@ int ircConnect(const char *bindHost, const char *host, const char *port) {
 	return sock;
 }
 
+void ircWriteChain(const char *path) {
+	FILE *file = fopen(path, "w");
+	if (!file) err(EX_CANTCREAT, "%s", path);
+
+	int n = fprintf(file, "subject= %s\n", tls_peer_cert_subject(client));
+	if (n < 0) err(EX_IOERR, "%s", path);
+
+	size_t len;
+	const byte *pem = tls_peer_cert_chain_pem(client, &len);
+	len = fwrite(pem, len, 1, file);
+	if (!len) err(EX_IOERR, "%s", path);
+
+	int error = fclose(file);
+	if (error) err(EX_IOERR, "%s", path);
+}
+
 enum { MessageCap = 8191 + 512 };
 
 static void debug(const char *pre, const char *line) {
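Review bot: In `ircWriteChain`, the result of `tls_peer_cert_chain_pem` goes straight to `fwrite` without a NULL check, and `len` may be left unset if the call fails, so a missing peer chain would lead to undefined behaviour instead of an error message. Adding `if (!pem) errx(EX_SOFTWARE, "tls_peer_cert_chain_pem: %s", tls_error(client));` before the `fwrite` would cover it. The same applies to `tls_peer_cert_subject`, whose result is passed to `%s` unchecked in the `fprintf` call. Because the file written here holds the whole peer chain, a short comment above the function saying it is intended for self-signed servers would also help anyone who later feeds the file to the trust option.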