tls_connect_socket(3) in ircConnect() does that by default already
unless tls_config_set_ca_file(3) was used.
Loading CA certificates before connecting makes no practical difference
except on OpenBSD where this allows for tighter unveil und pledge setups
now that all required (TLS related) file I/O is finished by the time
ircConnect() gets to do network I/O.
In case of the hidden `-!' insecure flag which is implied by `-o' to
print server certificates and exit, loading root certificates is not
required at all; likewise, using explicit self signed server
certificates will not involve certificate authorities either, hence load
them only if needed.
Apparently IRCds have decided that the 15-parameter limit doesn't matter
anymore. 254 is the maximum number of single-byte parameters (following
a single-byte command) which fit in a 512-byte CR-LF-terminated line.
When everyone decides that the 512-byte line length limit doesn't matter
either, I will delete my software and people can use some JavaScript
garbage instead.
This makes struct Message 2080 bytes, but there's only ever one or two
of them around at once. Avoid passing it by value to handle.
Previously, the remote host to which catgirl(1) is connecting was used
in error reporting instead of the local bind address if the latter could
not be resolved.
This commit adds a '-S' command line option and a "bind"
configuration file option to specify the source address to bind to when
connecting to the IRC server.
C. McEnroe
Klemens Nanni
multiplexd