Add preliminary support to one to one chats. No XEPs were read in the
preparation of this change:
xmppipe -C example@example.com
TODO
* clean up
* state change is hardcoded
* if (GROUPCHAT) branches
* autodetect MUC
* in chat mode, ctrl-D can cause a loop
libstrophe 0.9.2 supports TLS certificate verification. Tested by:
* valid certificate: verified using strace that xmppipe is reading the
system SSL cert store
* invalid certificate:
sudo chmod 700 /usr/lib/ssl
Verified xmppipe rejected the cert as invalid without the local CA
root.
* valid certificate, invalid domain
Verified a subdomain hosted on the XMPP node but not included in the
TLS certificate is rejected.
Terminate long option list so xmppipe doesn't segfault when passed an
unknown option.
Correct the usage. Revert to using --ouput for the MUC name instead of
--stdout to avoid confusion.
libstrophe 0.9.2 uses OpenSSL to validate TLS certs by checking against
the system cert store.
Allow llseek(2). Probably a better way of handling syscalls is to allow
classes of syscalls based on OpenBSD's pledge.
Add a sandbox enforced before options are parsed and the connection is
established to the XMPP server. This sandbox will allow network
operations.
The post-connect sandbox is unchanged and restricts operations to stdio.
The commit just adds the infrastructure for the pre-connect sandbox.
Use the UID of the xmppipe process instead of the PID in the default
name. This allows many processes running under the same user on a host
to share the same output channel and makes it easier to pre-create the
MUC if the xmppipe XMPP user does not have MUC creation privs.