diff options
author | Omar Polo <op@omarpolo.com> | 2021-11-28 09:15:34 +0000 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2021-11-28 13:58:52 -0500 |
commit | d5a9dfe51215403169825ebc01b916deefc58917 (patch) | |
tree | ee5c6396b5d90a95183e4d60ed195fe5e40e65f4 | |
parent | Remove CAVEATS section (diff) | |
download | pounce-d5a9dfe51215403169825ebc01b916deefc58917.tar.gz pounce-d5a9dfe51215403169825ebc01b916deefc58917.zip |
notify, palaver: Add -t to trust self-signed certificates
Diffstat (limited to '')
-rw-r--r-- | extra/notify/notify.c | 9 | ||||
-rw-r--r-- | extra/notify/pounce-notify.1 | 8 | ||||
-rw-r--r-- | extra/palaver/notify.c | 9 | ||||
-rw-r--r-- | extra/palaver/pounce-palaver.1 | 7 |
4 files changed, 29 insertions, 4 deletions
diff --git a/extra/notify/notify.c b/extra/notify/notify.c index 7257f4b..935ba26 100644 --- a/extra/notify/notify.c +++ b/extra/notify/notify.c @@ -258,14 +258,16 @@ int main(int argc, char *argv[]) { const char *host = NULL; const char *port = "6697"; const char *pass = NULL; + const char *trust = NULL; const char *user = "pounce-notify"; - for (int opt; 0 < (opt = getopt(argc, argv, "!c:k:p:u:vw:"));) { + for (int opt; 0 < (opt = getopt(argc, argv, "!c:k:p:t:u:vw:"));) { switch (opt) { break; case '!': insecure = true; break; case 'c': cert = optarg; break; case 'k': priv = optarg; break; case 'p': port = optarg; + break; case 't': trust = optarg; break; case 'u': user = optarg; break; case 'v': verbose = true; break; case 'w': pass = optarg; @@ -292,6 +294,11 @@ int main(int argc, char *argv[]) { } int error; + if (trust) { + tls_config_insecure_noverifyname(config); + error = tls_config_set_ca_file(config, trust); + if (error) errx(EX_NOINPUT, "%s: %s", trust, tls_config_error(config)); + } if (cert) { error = tls_config_set_keypair_file(config, cert, (priv ? priv : cert)); if (error) { diff --git a/extra/notify/pounce-notify.1 b/extra/notify/pounce-notify.1 index 60320c6..628bc25 100644 --- a/extra/notify/pounce-notify.1 +++ b/extra/notify/pounce-notify.1 @@ -1,4 +1,4 @@ -.Dd May 4, 2021 +.Dd November 28, 2021 .Dt POUNCE-NOTIFY 1 .Os . @@ -12,6 +12,7 @@ .Op Fl c Ar cert .Op Fl k Ar priv .Op Fl p Ar port +.Op Fl t Ar trust .Op Fl u Ar user .Op Fl w Ar pass .Ar host @@ -51,6 +52,11 @@ Load the TLS client private key from Connect to .Ar port . The default port is 6697. +.It Fl t Ar path +Trust the self-signed certificate loaded +from +.Ar path +and disable server name verification. .It Fl u Ar user Set the username to .Ar user . diff --git a/extra/palaver/notify.c b/extra/palaver/notify.c index c6a745c..36e4ae1 100644 --- a/extra/palaver/notify.c +++ b/extra/palaver/notify.c @@ -693,9 +693,10 @@ int main(int argc, char *argv[]) { const char *host = NULL; const char *port = "6697"; const char *pass = NULL; + const char *trust = NULL; const char *user = "pounce-palaver"; - for (int opt; 0 < (opt = getopt(argc, argv, "!NPc:d:k:p:su:vw:"));) { + for (int opt; 0 < (opt = getopt(argc, argv, "!NPc:d:k:p:st:u:vw:"));) { switch (opt) { break; case '!': insecure = true; break; case 'N': noPreview = true; @@ -705,6 +706,7 @@ int main(int argc, char *argv[]) { break; case 'k': priv = optarg; break; case 'p': port = optarg; break; case 's': sensitive = true; + break; case 't': trust = optarg; break; case 'u': user = optarg; break; case 'v': verbose = true; break; case 'w': pass = optarg; @@ -757,6 +759,11 @@ int main(int argc, char *argv[]) { } int error; + if (trust) { + tls_config_insecure_noverifyname(config); + error = tls_config_set_ca_file(config, trust); + if (error) errx(EX_NOINPUT, "%s: %s", trust, tls_config_error(config)); + } if (cert) { error = tls_config_set_keypair_file(config, cert, (priv ? priv : cert)); if (error) { diff --git a/extra/palaver/pounce-palaver.1 b/extra/palaver/pounce-palaver.1 index 59daefa..da3937a 100644 --- a/extra/palaver/pounce-palaver.1 +++ b/extra/palaver/pounce-palaver.1 @@ -1,4 +1,4 @@ -.Dd April 30, 2021 +.Dd November 28, 2021 .Dt POUNCE-PALAVER 1 .Os . @@ -13,6 +13,7 @@ .Op Fl d Ar path .Op Fl k Ar priv .Op Fl p Ar port +.Op Fl t Ar trust .Op Fl u Ar user .Op Fl w Ar pass .Ar host @@ -59,6 +60,10 @@ The default port is 6697. .It Fl s Match nick and keywords case-sensitively, despite the specification. +.It Fl t Ar path +Trust the self-signed certificate loaded from +.Ar path +and disable server name verification. .It Fl u Ar user Set the username to .Ar user . |