authorJune McEnroe <june@causal.agency>2021-09-02 18:08:36 -0400
committerJune McEnroe <june@causal.agency>2021-09-02 18:08:36 -0400
commit715c21e9e471f32106e59025c0e4c1b05a57290f (patch)
tree2074d6f8f1b5961c2750d412d2052f855415ab6b
parentCall serverConfig() with NULLs for -o (diff)
OpenBSD: pledge(2) printCert code path separately
Ported from catgirl.
-rw-r--r--bounce.c18
1 files changed, 11 insertions, 7 deletions
diff --git a/bounce.c b/bounce.c
index ba5ec1d..2fe6589 100644
--- a/bounce.c
+++ b/bounce.c
@@ -341,6 +341,17 @@ int main(int argc, char *argv[]) {
 		errx(EX_CONFIG, "password must be hashed with -x");
 	}
 
+	if (printCert) {
+#ifdef __OpenBSD__
+		error = pledge("stdio inet dns", NULL);
+		if (error) err(EX_OSERR, "pledge");
+#endif
+		serverConfig(true, NULL, NULL, NULL);
+		serverConnect(serverBindHost, host, port);
+		serverPrintCert();
+		return EX_OK;
+	}
+
 #ifdef __OpenBSD__
 	unveilConfig(certPath);
 	unveilConfig(privPath);
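Review bot: The new `pledge("stdio inet dns", NULL)` in the `printCert` branch has no `rpath` and is not preceded by any unveil, so the branch only works if `serverConfig(true, NULL, NULL, NULL)` and `serverConnect()` never open a file, and nothing in the hunk records that dependency. The NULL path arguments suggest this is intended, but `serverConfig` is not visible here; it should be confirmed that the TLS setup does not try to load a CA bundle or client certificate in this mode, otherwise `-o` would be killed by pledge on OpenBSD only. I would add a comment above the pledge such as `// No rpath: printing the certificate must not read any files.` so a later change to `serverConfig` does not silently break this path. The branch also now returns before whatever setup sits between the two hunks, which is outside the visible lines and should be checked for anything `serverConnect` relies on; `main` itself starts and ends outside the hunk.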
@@ -358,13 +369,6 @@ int main(int argc, char *argv[]) {
 	if (error) err(EX_OSERR, "pledge");
 #endif
 
-	if (printCert) {
-		serverConfig(true, NULL, NULL, NULL);
-		serverConnect(serverBindHost, host, port);
-		serverPrintCert();
-		return EX_OK;
-	}
-
 	// Either exit with cleanup or ignore signals until entering the main loop.
 	signal(SIGINT, justExit);
 	signal(SIGTERM, justExit);