diff options
| author | Klemens Nanni <klemens@posteo.de> | 2021-06-29 15:34:03 +0200 | 
|---|---|---|
| committer | June McEnroe <june@causal.agency> | 2021-07-13 15:21:57 -0400 | 
| commit | ae332f6e8d26487ba4556283dcde2bf96da76467 (patch) | |
| tree | bff82b817567a824ca3e644abed9b3c36388ffe6 /scripts | |
| parent | Explicitly clear TLS secrets afer handshake (diff) | |
| download | catgirl-ae332f6e8d26487ba4556283dcde2bf96da76467.tar.gz catgirl-ae332f6e8d26487ba4556283dcde2bf96da76467.zip | |
Perform TLS handshake after final pledge
ircConnect() yields a connected TCP socket after which "inet dns" is no longer needed. Possibly having loaded private key material, it seems a tad more comforting to speak TLS *after* dropping any network capabilities (except for socket read/write to the IRC host, of course). Instead of moving the final pledge into irc.c:ircConnect() and thus complicating the code around pledge across two C modules, simply stub out an mnemonic ircHandshake() and call that explicitly. This restores behaviour gained with 981ebc4 "Remove explicit tls_handshake(3) from ircConnect" which was reverted for other reasons.
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions