From c267b8f98731ca384e6834ed7e11c6a0c3e19fbc Mon Sep 17 00:00:00 2001
From: "C. McEnroe" <june@causal.agency>
Date: Mon, 11 Jan 2021 19:38:14 -0500
Subject: Add -o and -t options to trust self-signed certificates

---
 pounce.1 | 40 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

(limited to 'pounce.1')

diff --git a/pounce.1 b/pounce.1
index 8c4107d..caeb243 100644
--- a/pounce.1
+++ b/pounce.1
@@ -1,4 +1,4 @@
-.Dd August 28, 2020
+.Dd January 11, 2021
 .Dt POUNCE 1
 .Os
 .
@@ -29,6 +29,7 @@
 .Op Fl p Ar port
 .Op Fl q Ar quit
 .Op Fl r Ar real
+.Op Fl t Ar trust
 .Op Fl s Ar size
 .Op Fl u Ar user
 .Op Fl w Ar pass
@@ -36,6 +37,13 @@
 .Op Ar config ...
 .
 .Nm
+.Fl o
+.Op Fl S Ar bind
+.Op Fl h Ar host
+.Op Fl p Ar port
+.Op Ar config ...
+.
+.Nm
 .Op Fl A Ar ca
 .Fl g Ar cert
 .
@@ -300,6 +308,11 @@ Set nickname to
 .Ar nick .
 The default nickname is the user's name.
 .
+.It Fl o
+Print the server certificate chain
+to standard output in PEM format
+and exit.
+.
 .It Fl p Ar port , Cm port = Ar port
 Connect to
 .Ar port .
@@ -321,6 +334,13 @@ Set the number of messages contained in the buffer to
 The size must be a power of two.
 The default size is 4096.
 .
+.It Fl t Ar path , Cm trust = Ar path
+Trust the certificate loaded from
+.Ar path .
+Server name verification is disabled.
+See
+.Sx Connecting to Servers with Self-signed Certificates .
+.
 .It Fl u Ar user , Cm user = Ar user
 Set username to
 .Ar user .
@@ -537,6 +557,24 @@ sasl-external
 .Ed
 .El
 .
+.Ss Connecting to Servers with Self-signed Certificates
+.Bl -enum
+.It
+Connect to the server
+and write its certificate to a file:
+.Bd -literal -offset indent
+pounce -o -h irc.example.org > ~/.config/pounce/example.pem
+.Ed
+.It
+Configure
+.Nm
+to trust the certificate:
+.Bd -literal -offset indent
+trust = example.pem
+# or: pounce -t example.pem
+.Ed
+.El
+.
 .Sh ENVIRONMENT
 .Bl -tag -width Ds
 .It Ev USER
-- 
cgit 1.4.1