SSL certificates are now handled in master, using a fork of libstrophe (
https://github.com/boothj5/libmesode) and will be in release 0.5.0.
Profanity will use system trusted certificates, and keep it's own list of additional trusted certificates. Upon connecting, if an untrusted certificate is presented, the user is prompted.
The
/tls command is currently as follows:
/tls allow : Allow connection to continue with TLS certificate.
/tls always : Always allow connections with TLS certificate.
/tls deny : Abort connection.
/tls cert : Show the current TLS certificate.
/tls cert <fingerprint> : Show details of trusted certificate.
/tls trust : Add the current TLS certificate to manually trusted certificates.
/tls trusted : List summary of manually trusted certificates (with '/tls always' or '/tls trust').
/tls revoke <fingerprint> : Remove a manually trusted certificate.
/tls certpath : Show the trusted certificate path.
/tls certpath set <path> : Specify filesystem path containing trusted certificates.
/tls certpath clear : Clear the trusted certificate path.
/tls show on|off : Show or hide the TLS indicator in the titlebar.
An additional account tls property is also available:
/account set <account> tls force : Force TLS connection, and fail if one cannot be established, this is default behaviour.
/account set <account> tls allow : Use TLS for the connection if it is available.
/account set <account> tls disable : Disable TLS for the connection.
I'm assuming you've also raised https://github.com/boothj5/profanity/issues/741 which I'm currently investigating.
On Friday, 19 February 2016 16:50:23 UTC,
al...@mtu.edu wrote:
What about invalid certs?