summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/source/images/conversation.png (renamed from doc/images/conversation.png)bin9649 -> 9649 bytes
-rw-r--r--doc/source/images/correct.png (renamed from doc/images/correct.png)bin632 -> 632 bytes
-rw-r--r--doc/source/images/data_forms.png (renamed from doc/images/data_forms.png)bin6522 -> 6522 bytes
-rw-r--r--doc/source/images/layers.png (renamed from doc/images/layers.png)bin15642 -> 15642 bytes
-rw-r--r--doc/source/images/list.png (renamed from doc/images/list.png)bin5795 -> 5795 bytes
-rw-r--r--doc/source/images/muc.png (renamed from doc/images/muc.png)bin17818 -> 17818 bytes
-rw-r--r--doc/source/images/private.png (renamed from doc/images/private.png)bin6645 -> 6645 bytes
-rw-r--r--doc/source/images/roster.png (renamed from doc/images/roster.png)bin11280 -> 11280 bytes
-rw-r--r--doc/source/images/simple_notify_example.png (renamed from doc/images/simple_notify_example.png)bin5536 -> 5536 bytes
-rw-r--r--doc/source/images/ssl_warning.png (renamed from doc/images/ssl_warning.png)bin881 -> 881 bytes
-rw-r--r--doc/source/images/tab_bar.png (renamed from doc/images/tab_bar.png)bin712 -> 712 bytes
-rw-r--r--doc/source/images/theme_256_colors.png (renamed from doc/images/theme_256_colors.png)bin37316 -> 37316 bytes
-rw-r--r--doc/source/images/vert_tabs.png (renamed from doc/images/vert_tabs.png)bin2890 -> 2890 bytes
-rw-r--r--doc/source/index.rst1
-rw-r--r--doc/source/misc/index.rst22
-rw-r--r--doc/source/misc/ssl.rst60
-rw-r--r--doc/source/themes.rst2
17 files changed, 84 insertions, 1 deletions
diff --git a/doc/images/conversation.png b/doc/source/images/conversation.png
index 0940a3a4..0940a3a4 100644
--- a/doc/images/conversation.png
+++ b/doc/source/images/conversation.png
Binary files differ
diff --git a/doc/images/correct.png b/doc/source/images/correct.png
index ed2ad450..ed2ad450 100644
--- a/doc/images/correct.png
+++ b/doc/source/images/correct.png
Binary files differ
diff --git a/doc/images/data_forms.png b/doc/source/images/data_forms.png
index 0afb3e03..0afb3e03 100644
--- a/doc/images/data_forms.png
+++ b/doc/source/images/data_forms.png
Binary files differ
diff --git a/doc/images/layers.png b/doc/source/images/layers.png
index 9ec71521..9ec71521 100644
--- a/doc/images/layers.png
+++ b/doc/source/images/layers.png
Binary files differ
diff --git a/doc/images/list.png b/doc/source/images/list.png
index a2fc2315..a2fc2315 100644
--- a/doc/images/list.png
+++ b/doc/source/images/list.png
Binary files differ
diff --git a/doc/images/muc.png b/doc/source/images/muc.png
index 8ddfff10..8ddfff10 100644
--- a/doc/images/muc.png
+++ b/doc/source/images/muc.png
Binary files differ
diff --git a/doc/images/private.png b/doc/source/images/private.png
index 19492e2b..19492e2b 100644
--- a/doc/images/private.png
+++ b/doc/source/images/private.png
Binary files differ
diff --git a/doc/images/roster.png b/doc/source/images/roster.png
index d1a8f9f4..d1a8f9f4 100644
--- a/doc/images/roster.png
+++ b/doc/source/images/roster.png
Binary files differ
diff --git a/doc/images/simple_notify_example.png b/doc/source/images/simple_notify_example.png
index 2e9c617c..2e9c617c 100644
--- a/doc/images/simple_notify_example.png
+++ b/doc/source/images/simple_notify_example.png
Binary files differ
diff --git a/doc/images/ssl_warning.png b/doc/source/images/ssl_warning.png
index 348a81a4..348a81a4 100644
--- a/doc/images/ssl_warning.png
+++ b/doc/source/images/ssl_warning.png
Binary files differ
diff --git a/doc/images/tab_bar.png b/doc/source/images/tab_bar.png
index 9c5c74eb..9c5c74eb 100644
--- a/doc/images/tab_bar.png
+++ b/doc/source/images/tab_bar.png
Binary files differ
diff --git a/doc/images/theme_256_colors.png b/doc/source/images/theme_256_colors.png
index 395f3d39..395f3d39 100644
--- a/doc/images/theme_256_colors.png
+++ b/doc/source/images/theme_256_colors.png
Binary files differ
diff --git a/doc/images/vert_tabs.png b/doc/source/images/vert_tabs.png
index a48a8051..a48a8051 100644
--- a/doc/images/vert_tabs.png
+++ b/doc/source/images/vert_tabs.png
Binary files differ
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 8ec26348..ea744b26 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -15,6 +15,7 @@ Contents:
themes
commands
dev/index
+ misc/index
..
configure
diff --git a/doc/source/misc/index.rst b/doc/source/misc/index.rst
new file mode 100644
index 00000000..bf8fcb90
--- /dev/null
+++ b/doc/source/misc/index.rst
@@ -0,0 +1,22 @@
+Miscellaneous topics
+====================
+
+Contents:
+
+.. toctree::
+ :maxdepth: 2
+
+ ssl
+
+
+..
+ configure
+ ssl
+ usage
+ themes
+ keys
+ plugins
+ misc
+ xep
+ dev
+
diff --git a/doc/source/misc/ssl.rst b/doc/source/misc/ssl.rst
new file mode 100644
index 00000000..a012ebed
--- /dev/null
+++ b/doc/source/misc/ssl.rst
@@ -0,0 +1,60 @@
+SSL Management
+==============
+
+Starting from version 0.7.5, poezio offers some options to check the validity
+of a X.509 certificate.
+
+TOFU
+----
+
+The default handling method is the `TOFU/TUFU`_
+method. At your first connection, poezio will save the hash of the certificate
+received, and will compare the received one and the first one for the next
+connections.
+
+
+If you are paranoid (or run poezio for the first time in an unsafe
+environment), you can set the _certificate_ value of your config file yourself
+(the hash, not colon-separated).
+
+
+If the certificate is not the same, poezio will show an error message and wait
+for confirmation:
+
+.. figure:: ../images/ssl_warning.png
+ :alt: Warning message
+
+If you press y, the change is validated an poezio will match the next certs
+with the accepted one.
+
+If you press n, you will get the confirmation that the change has been
+refused, and you will be disconnected.
+
+CA-Based
+--------
+
+If you are connecting to a large server that has several front-facing
+endpoints, you might be bothered by having to validate the change each time,
+and you may want to check only if it the same authority delivered the
+certificate.
+
+You can then set the *ca_cert_path* option to the path of a file containing
+the validation chain in `PEM format`_ ; those certificates are usually in
+/usr/share/ca-certificates/ but it may vary depending of your distribution.
+
+
+If the authority does not match when connecting, you should be disconnected.
+
+None
+----
+
+If you do not want to bother with certificate validation at all (which can be
+the case when you run poezio on the same computer as your jabber server), you
+can set the *ignore_certificate* value to true, and let the *ca_cert_path*
+option empty (or even remove it).
+
+.. warning:: Only do this if you know what you are doing, or you will be open
+ to Man in The Middle attacks!
+
+.. _TOFU/TUFU: https://en.wikipedia.org/wiki/User:Dotdotike/Trust_Upon_First_Use
+.. _PEM format: https://tools.ietf.org/html/rfc1422.html
diff --git a/doc/source/themes.rst b/doc/source/themes.rst
index 92b88245..2a12d8c4 100644
--- a/doc/source/themes.rst
+++ b/doc/source/themes.rst
@@ -69,7 +69,7 @@ text white on black by default, a fg_color of -1 is white, and a bg_color
of -1 is black). If it’s between 0 and 256 it represents one of the colors
on the image:
-.. figure:: ../images/theme_256_colors.png
+.. figure:: ./images/theme_256_colors.png
:alt: The list of all 256 colors
The list of all 256 colors