about summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2019-10-26 20:15:29 -0400
committerJune McEnroe <june@causal.agency>2019-10-26 20:15:29 -0400
commit77426b0f3e2700fba2fb1011c5096c9b0a7916c1 (patch)
tree12d84bc14082bab96e855f8aef2c46cb8f4f4923
parentDo not require RPL_ISUPPORT for stateReady (diff)
downloadpounce-77426b0f3e2700fba2fb1011c5096c9b0a7916c1.tar.gz
pounce-77426b0f3e2700fba2fb1011c5096c9b0a7916c1.zip
Add undocumented flag to disable verification
-rw-r--r--bounce.c6
-rw-r--r--bounce.h2
-rw-r--r--server.c7
3 files changed, 11 insertions, 4 deletions
diff --git a/bounce.c b/bounce.c
index 0c2d1d7..703c566 100644
--- a/bounce.c
+++ b/bounce.c
@@ -90,6 +90,7 @@ int main(int argc, char *argv[]) {
 	char certPath[PATH_MAX] = "";
 	char privPath[PATH_MAX] = "";
 
+	bool insecure = false;
 	const char *host = NULL;
 	const char *port = "6697";
 	const char *pass = NULL;
@@ -101,8 +102,9 @@ int main(int argc, char *argv[]) {
 	const char *away = "pounced :3";
 
 	int opt;
-	while (0 < (opt = getopt(argc, argv, "A:C:H:K:NP:W:a:h:j:n:p:r:u:vw:"))) {
+	while (0 < (opt = getopt(argc, argv, "!A:C:H:K:NP:W:a:h:j:n:p:r:u:vw:"))) {
 		switch (opt) {
+			break; case '!': insecure = true;
 			break; case 'A': away = optarg;
 			break; case 'C': strlcpy(certPath, optarg, sizeof(certPath));
 			break; case 'H': localHost = optarg;
@@ -143,7 +145,7 @@ int main(int argc, char *argv[]) {
 	int bind[8];
 	size_t binds = listenBind(bind, 8, localHost, localPort);
 
-	int server = serverConnect(host, port);
+	int server = serverConnect(insecure, host, port);
 	serverLogin(pass, auth, nick, user, real);
 	while (!stateReady()) serverRecv();
 	if (join) serverFormat("JOIN :%s\r\n", join);
diff --git a/bounce.h b/bounce.h
index 26e62df..b0d6d18 100644
--- a/bounce.h
+++ b/bounce.h
@@ -65,7 +65,7 @@ void listenConfig(const char *cert, const char *priv);
 size_t listenBind(int fds[], size_t cap, const char *host, const char *port);
 struct tls *listenAccept(int *fd, int bind);
 
-int serverConnect(const char *host, const char *port);
+int serverConnect(bool insecure, const char *host, const char *port);
 void serverLogin(
 	const char *pass, const char *auth,
 	const char *nick, const char *user, const char *real
diff --git a/server.c b/server.c
index bdeb695..19d5aca 100644
--- a/server.c
+++ b/server.c
@@ -33,13 +33,18 @@ typedef unsigned char byte;
 
 static struct tls *client;
 
-int serverConnect(const char *host, const char *port) {
+int serverConnect(bool insecure, const char *host, const char *port) {
 	int error;
 
 	struct tls_config *config = tls_config_new();
 	error = tls_config_set_ciphers(config, "compat");
 	if (error) errx(EX_SOFTWARE, "tls_config");
 
+	if (insecure) {
+		tls_config_insecure_noverifycert(config);
+		tls_config_insecure_noverifyname(config);
+	}
+
 	client = tls_client();
 	if (!client) errx(EX_SOFTWARE, "tls_client");