about summary refs log tree commit diff
path: root/extra/notify
diff options
context:
space:
mode:
authorOmar Polo <op@omarpolo.com>2021-11-28 09:15:34 +0000
committerJune McEnroe <june@causal.agency>2021-11-28 13:58:52 -0500
commitd5a9dfe51215403169825ebc01b916deefc58917 (patch)
treeee5c6396b5d90a95183e4d60ed195fe5e40e65f4 /extra/notify
parentRemove CAVEATS section (diff)
downloadpounce-d5a9dfe51215403169825ebc01b916deefc58917.tar.gz
pounce-d5a9dfe51215403169825ebc01b916deefc58917.zip
notify, palaver: Add -t to trust self-signed certificates
Diffstat (limited to '')
-rw-r--r--extra/notify/notify.c9
-rw-r--r--extra/notify/pounce-notify.18
2 files changed, 15 insertions, 2 deletions
diff --git a/extra/notify/notify.c b/extra/notify/notify.c
index 7257f4b..935ba26 100644
--- a/extra/notify/notify.c
+++ b/extra/notify/notify.c
@@ -258,14 +258,16 @@ int main(int argc, char *argv[]) {
 	const char *host = NULL;
 	const char *port = "6697";
 	const char *pass = NULL;
+	const char *trust = NULL;
 	const char *user = "pounce-notify";
 
-	for (int opt; 0 < (opt = getopt(argc, argv, "!c:k:p:u:vw:"));) {
+	for (int opt; 0 < (opt = getopt(argc, argv, "!c:k:p:t:u:vw:"));) {
 		switch (opt) {
 			break; case '!': insecure = true;
 			break; case 'c': cert = optarg;
 			break; case 'k': priv = optarg;
 			break; case 'p': port = optarg;
+			break; case 't': trust = optarg;
 			break; case 'u': user = optarg;
 			break; case 'v': verbose = true;
 			break; case 'w': pass = optarg;
@@ -292,6 +294,11 @@ int main(int argc, char *argv[]) {
 	}
 
 	int error;
+	if (trust) {
+		tls_config_insecure_noverifyname(config);
+		error = tls_config_set_ca_file(config, trust);
+		if (error) errx(EX_NOINPUT, "%s: %s", trust, tls_config_error(config));
+	}
 	if (cert) {
 		error = tls_config_set_keypair_file(config, cert, (priv ? priv : cert));
 		if (error) {
diff --git a/extra/notify/pounce-notify.1 b/extra/notify/pounce-notify.1
index 60320c6..628bc25 100644
--- a/extra/notify/pounce-notify.1
+++ b/extra/notify/pounce-notify.1
@@ -1,4 +1,4 @@
-.Dd May  4, 2021
+.Dd November 28, 2021
 .Dt POUNCE-NOTIFY 1
 .Os
 .
@@ -12,6 +12,7 @@
 .Op Fl c Ar cert
 .Op Fl k Ar priv
 .Op Fl p Ar port
+.Op Fl t Ar trust
 .Op Fl u Ar user
 .Op Fl w Ar pass
 .Ar host
@@ -51,6 +52,11 @@ Load the TLS client private key from
 Connect to
 .Ar port .
 The default port is 6697.
+.It Fl t Ar path
+Trust the self-signed certificate loaded
+from
+.Ar path
+and disable server name verification.
 .It Fl u Ar user
 Set the username to
 .Ar user .