summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2021-10-05 21:57:56 -0400
committerJune McEnroe <june@causal.agency>2021-10-05 21:57:56 -0400
commit6d798d72e0a2d269e92e8769839faee909b04052 (patch)
tree21650ca7587f48e03ce72b4cab94b2bbe42e9906
parentRemove TCP keepalive settings (diff)
downloadpounce-6d798d72e0a2d269e92e8769839faee909b04052.tar.gz
pounce-6d798d72e0a2d269e92e8769839faee909b04052.zip
Remove certbot default paths
-rw-r--r--bounce.c10
-rw-r--r--bounce.h4
-rwxr-xr-xconfigure1
-rw-r--r--pounce.157
4 files changed, 11 insertions, 61 deletions
diff --git a/bounce.c b/bounce.c
index ae75dc6..2e52428 100644
--- a/bounce.c
+++ b/bounce.c
@@ -309,16 +309,10 @@ int main(int argc, char *argv[]) {
 		}
 	}
 	if (!certPath[0]) {
-		snprintf(
-			certPath, sizeof(certPath), CERTBOT_PATH "/live/%s/fullchain.pem",
-			bindHost
-		);
+		snprintf(certPath, sizeof(certPath), "%s.pem", bindHost);
 	}
 	if (!privPath[0]) {
-		snprintf(
-			privPath, sizeof(privPath), CERTBOT_PATH "/live/%s/privkey.pem",
-			bindHost
-		);
+		snprintf(privPath, sizeof(privPath), "%s.key", bindHost);
 	}
 
 	if (!host) errx(EX_USAGE, "host required");
diff --git a/bounce.h b/bounce.h
index 4ee1c7f..4318410 100644
--- a/bounce.h
+++ b/bounce.h
@@ -34,10 +34,6 @@
 #include <sys/time.h>
 #include <tls.h>
 
-#ifndef CERTBOT_PATH
-#define CERTBOT_PATH "/etc/letsencrypt"
-#endif
-
 #ifndef OPENSSL_BIN
 #define OPENSSL_BIN "openssl"
 #endif
diff --git a/configure b/configure
index db341e2..1d94084 100755
--- a/configure
+++ b/configure
@@ -35,7 +35,6 @@ case "$(uname)" in
 	(FreeBSD)
 		config libtls
 		defstr OPENSSL_BIN /usr/bin/openssl
-		defstr CERTBOT_PATH /usr/local/etc/letsencrypt
 		;;
 	(OpenBSD)
 		ldadd crypt ''
diff --git a/pounce.1 b/pounce.1
index e92bc98..2bbd8bf 100644
--- a/pounce.1
+++ b/pounce.1
@@ -1,4 +1,4 @@
-.Dd October  2, 2021
+.Dd October  5, 2021
 .Dt POUNCE 1
 .Os
 .
@@ -87,20 +87,6 @@ to be dispatched from the same port by
 .Xr calico 1 .
 .
 .Pp
-TLS certificates can be automatically loaded from
-.Pa /etc/letsencrypt
-(or equivalent)
-based on the local host set by
-.Fl H .
-These certificates can be obtained using
-.Xr certbot 8 .
-Certificates obtained through other methods
-must be loaded with
-.Fl C
-and
-.Fl K .
-.
-.Pp
 Options can be loaded from
 files listed on the command line.
 Files are searched for in
@@ -147,11 +133,11 @@ with a server password.
 .It Fl C Ar path | Cm local-cert No = Ar path
 Load TLS certificate from
 .Ar path .
-The default path is the
-.Xr certbot 8
-path for the
+The default path is
+.Ar host Ns .pem ,
+where
 .Ar host
-set by
+is set by
 .Fl H .
 .
 .It Fl H Ar host | Cm local-host No = Ar host
@@ -162,11 +148,11 @@ The default host is localhost.
 .It Fl K Ar path | Cm local-priv No = Ar path
 Load TLS private key from
 .Ar path .
-The default path is the
-.Xr certbot 8
-path for the
+The default path is
+.Ar host Ns .key ,
+where
 .Ar host
-set by
+is set by
 .Fl H .
 .
 .It Fl L | Cm palaver
@@ -641,31 +627,6 @@ New save files are created in
 The most likely location of save files.
 .El
 .
-.Sh EXAMPLES
-Obtain a certificate
-and make its private key available to
-.Nm :
-.Bd -literal -offset indent
-sudo certbot certonly -d irc.example.org
-sudo chown :$USER /etc/letsencrypt/live/irc.example.org/privkey.pem
-sudo chmod g+r /etc/letsencrypt/live/irc.example.org/privkey.pem
-.Ed
-.
-.Pp
-Start
-.Nm :
-.Bd -literal -offset indent
-pounce -H irc.example.org -h irc.tilde.chat -j '#ascii.town'
-.Ed
-.
-.Pp
-Equivalent configuration file:
-.Bd -literal -offset indent
-local-host = irc.example.org
-host = irc.tilde.chat
-join = #ascii.town
-.Ed
-.
 .Sh DIAGNOSTICS
 Upon receiving the
 .Dv SIGINFO