about summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2021-09-02 18:08:36 -0400
committerJune McEnroe <june@causal.agency>2021-09-02 18:08:36 -0400
commit715c21e9e471f32106e59025c0e4c1b05a57290f (patch)
tree2074d6f8f1b5961c2750d412d2052f855415ab6b
parentCall serverConfig() with NULLs for -o (diff)
downloadpounce-715c21e9e471f32106e59025c0e4c1b05a57290f.tar.gz
pounce-715c21e9e471f32106e59025c0e4c1b05a57290f.zip
OpenBSD: pledge(2) printCert code path separately
Ported from catgirl.
-rw-r--r--bounce.c18
1 files changed, 11 insertions, 7 deletions
diff --git a/bounce.c b/bounce.c
index ba5ec1d..2fe6589 100644
--- a/bounce.c
+++ b/bounce.c
@@ -341,6 +341,17 @@ int main(int argc, char *argv[]) {
 		errx(EX_CONFIG, "password must be hashed with -x");
 	}
 
+	if (printCert) {
+#ifdef __OpenBSD__
+		error = pledge("stdio inet dns", NULL);
+		if (error) err(EX_OSERR, "pledge");
+#endif
+		serverConfig(true, NULL, NULL, NULL);
+		serverConnect(serverBindHost, host, port);
+		serverPrintCert();
+		return EX_OK;
+	}
+
 #ifdef __OpenBSD__
 	unveilConfig(certPath);
 	unveilConfig(privPath);
@@ -358,13 +369,6 @@ int main(int argc, char *argv[]) {
 	if (error) err(EX_OSERR, "pledge");
 #endif
 
-	if (printCert) {
-		serverConfig(true, NULL, NULL, NULL);
-		serverConnect(serverBindHost, host, port);
-		serverPrintCert();
-		return EX_OK;
-	}
-
 	// Either exit with cleanup or ignore signals until entering the main loop.
 	signal(SIGINT, justExit);
 	signal(SIGTERM, justExit);
tr>2021-01-27Completely rewrite how manuals are fetched and installedJune McEnroe 2020-12-14Update to man-pages-posix 2017-aJune McEnroe 2020-12-14Update to OpenBSD 6.8June McEnroe 2020-12-14Update to NetBSD 9.1June McEnroe 2020-12-14Update to man-pages 5.09June McEnroe 2020-12-14Update to FreeBSD 12.2June McEnroe 2020-06-08Update to OpenBSD 6.7June McEnroe 2020-05-04Add hack for macOS to search extra man sectionsJune McEnroe 2020-05-04Don't clear MANSECTJune McEnroe