Advertise STS policy

Duration is set to INT_MAX since pounce will never accept cleartext
connections.

5 files changed, 28 insertions, 5 deletions

diff --git a/bounce.c b/bounce.c
index 19e2dd4..efcc59d 100644
--- a/bounce.c
+++ b/bounce.c
@@ -272,7 +272,7 @@ int main(int argc, char *argv[]) {
 	const char *join = NULL;
 	const char *quit = "connection reset by purr";
 
-	const char *Opts = "!A:C:H:K:NP:S:U:W:a:c:ef:g:h:j:k:n:p:q:r:s:u:vw:xy:";
+	const char *Opts = "!A:C:H:K:NP:S:TU:W:a:c:ef:g:h:j:k:n:p:q:r:s:u:vw:xy:";
 	const struct option LongOpts[] = {
 		{ "insecure", no_argument, NULL, '!' },
 		{ "local-ca", required_argument, NULL, 'A' },
@@ -282,6 +282,7 @@ int main(int argc, char *argv[]) {
 		{ "no-names", no_argument, NULL, 'N' },
 		{ "local-port", required_argument, NULL, 'P' },
 		{ "bind", required_argument, NULL, 'S' },
+		{ "no-sts", no_argument, NULL, 'T' },
 		{ "local-path", required_argument, NULL, 'U' },
 		{ "local-pass", required_argument, NULL, 'W' },
 		{ "sasl-plain", required_argument, NULL, 'a' },
@@ -324,6 +325,7 @@ int main(int argc, char *argv[]) {
 			break; case 'N': stateNoNames = true;
 			break; case 'P': bindPort = optarg;
 			break; case 'S': serverBindHost = optarg;
+			break; case 'T': clientSTS = false;
 			break; case 'U': strlcpy(bindPath, optarg, sizeof(bindPath));
 			break; case 'W': clientPass = optarg;
 			break; case 'a': sasl = true; plain = optarg;
diff --git a/bounce.h b/bounce.h
index f8ab0c0..ffbd24b 100644
--- a/bounce.h
+++ b/bounce.h
@@ -81,6 +81,7 @@ static inline struct Message parse(char *line) {
 	X("sasl", CapSASL) \
 	X("server-time", CapServerTime) \
 	X("setname", CapSetname) \
+	X("sts", CapSTS) \
 	X("userhost-in-names", CapUserhostInNames) \
 	X("", CapUnsupported)
 
@@ -166,6 +167,7 @@ void serverFormat(const char *format, ...)
 	__attribute__((format(printf, 1, 2)));
 
 extern bool clientCA;
+extern bool clientSTS;
 extern char *clientPass;
 extern char *clientAway;
 struct Client *clientAlloc(struct tls *tls);
diff --git a/client.c b/client.c
index 66d07d0..25707a8 100644
--- a/client.c
+++ b/client.c
@@ -31,6 +31,7 @@
 #include "bounce.h"
 
 bool clientCA;
+bool clientSTS = true;
 char *clientPass;
 char *clientAway;
 
@@ -168,8 +169,13 @@ static void handleCap(struct Client *client, struct Message *msg) {
 	if (!msg->params[0]) msg->params[0] = "";
 
 	enum Cap avail = (stateCaps & ~CapSASL)
-		| CapServerTime | CapConsumer | CapPassive | (clientCA ? CapSASL : 0);
-	const char *values[CapBits] = { [CapSASLBit] = "EXTERNAL" };
+		| CapServerTime | CapConsumer | CapPassive
+		| (clientCA ? CapSASL : 0)
+		| (clientSTS ? CapSTS : 0);
+	const char *values[CapBits] = {
+		[CapSASLBit] = "EXTERNAL",
+		[CapSTSBit] = "duration=2147483647",
+	};
 
 	if (!strcmp(msg->params[0], "END")) {
 		if (!client->need) return;
diff --git a/pounce.1 b/pounce.1
index 7b3e5bf..b61527a 100644
--- a/pounce.1
+++ b/pounce.1
@@ -8,7 +8,7 @@
 .
 .Sh SYNOPSIS
 .Nm
-.Op Fl Nev
+.Op Fl NTev
 .Op Fl A Ar cert
 .Op Fl C Ar cert
 .Op Fl H Ar host
@@ -127,6 +127,11 @@ Bind to source address
 .Ar host
 when connecting to the server.
 .
+.It Fl T
+Do not advertise a
+strict transport security (STS) policy
+to clients.
+.
 .It Fl U Ar path , Cm local-path = Ar path
 Bind to a UNIX-domain socket at
 .Ar path .
@@ -511,6 +516,14 @@ daemon implements the following:
 .It
 .Rs
 .%A Attila Molnar
+.%A James Wheare
+.%T IRCv3 Strict Transport Security
+.%I IRCv3 Working Group
+.%U https://ircv3.net/specs/extensions/sts
+.Re
+.It
+.Rs
+.%A Attila Molnar
 .%A William Pitcock
 .%T IRCv3.2 SASL Authentication
 .%I IRCv3 Working Group
diff --git a/state.c b/state.c
index d667971..dc69547 100644
--- a/state.c
+++ b/state.c
@@ -80,7 +80,7 @@ static void handleCap(struct Message *msg) {
 	}
 
 	if (!strcmp(msg->params[1], "LS") || !strcmp(msg->params[1], "NEW")) {
-		caps &= ~(CapSASL | CapUnsupported);
+		caps &= ~(CapSASL | CapSTS | CapUnsupported);
 		if (caps) serverFormat("CAP REQ :%s\r\n", capList(caps, NULL));
 
 	} else if (!strcmp(msg->params[1], "ACK")) {