From bf8e2a942c884a4a35e297734ce6c098849ac086 Mon Sep 17 00:00:00 2001 From: mathieui Date: Wed, 10 Apr 2013 01:37:23 +0200 Subject: Move images, and add SSL page --- doc/source/images/conversation.png | Bin 0 -> 9649 bytes doc/source/images/correct.png | Bin 0 -> 632 bytes doc/source/images/data_forms.png | Bin 0 -> 6522 bytes doc/source/images/layers.png | Bin 0 -> 15642 bytes doc/source/images/list.png | Bin 0 -> 5795 bytes doc/source/images/muc.png | Bin 0 -> 17818 bytes doc/source/images/private.png | Bin 0 -> 6645 bytes doc/source/images/roster.png | Bin 0 -> 11280 bytes doc/source/images/simple_notify_example.png | Bin 0 -> 5536 bytes doc/source/images/ssl_warning.png | Bin 0 -> 881 bytes doc/source/images/tab_bar.png | Bin 0 -> 712 bytes doc/source/images/theme_256_colors.png | Bin 0 -> 37316 bytes doc/source/images/vert_tabs.png | Bin 0 -> 2890 bytes doc/source/index.rst | 1 + doc/source/misc/index.rst | 22 ++++++++++ doc/source/misc/ssl.rst | 60 ++++++++++++++++++++++++++++ doc/source/themes.rst | 2 +- 17 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 doc/source/images/conversation.png create mode 100644 doc/source/images/correct.png create mode 100644 doc/source/images/data_forms.png create mode 100644 doc/source/images/layers.png create mode 100644 doc/source/images/list.png create mode 100644 doc/source/images/muc.png create mode 100644 doc/source/images/private.png create mode 100644 doc/source/images/roster.png create mode 100644 doc/source/images/simple_notify_example.png create mode 100644 doc/source/images/ssl_warning.png create mode 100644 doc/source/images/tab_bar.png create mode 100644 doc/source/images/theme_256_colors.png create mode 100644 doc/source/images/vert_tabs.png create mode 100644 doc/source/misc/index.rst create mode 100644 doc/source/misc/ssl.rst (limited to 'doc/source') diff --git a/doc/source/images/conversation.png b/doc/source/images/conversation.png new file mode 100644 index 00000000..0940a3a4 Binary files /dev/null and b/doc/source/images/conversation.png differ diff --git a/doc/source/images/correct.png b/doc/source/images/correct.png new file mode 100644 index 00000000..ed2ad450 Binary files /dev/null and b/doc/source/images/correct.png differ diff --git a/doc/source/images/data_forms.png b/doc/source/images/data_forms.png new file mode 100644 index 00000000..0afb3e03 Binary files /dev/null and b/doc/source/images/data_forms.png differ diff --git a/doc/source/images/layers.png b/doc/source/images/layers.png new file mode 100644 index 00000000..9ec71521 Binary files /dev/null and b/doc/source/images/layers.png differ diff --git a/doc/source/images/list.png b/doc/source/images/list.png new file mode 100644 index 00000000..a2fc2315 Binary files /dev/null and b/doc/source/images/list.png differ diff --git a/doc/source/images/muc.png b/doc/source/images/muc.png new file mode 100644 index 00000000..8ddfff10 Binary files /dev/null and b/doc/source/images/muc.png differ diff --git a/doc/source/images/private.png b/doc/source/images/private.png new file mode 100644 index 00000000..19492e2b Binary files /dev/null and b/doc/source/images/private.png differ diff --git a/doc/source/images/roster.png b/doc/source/images/roster.png new file mode 100644 index 00000000..d1a8f9f4 Binary files /dev/null and b/doc/source/images/roster.png differ diff --git a/doc/source/images/simple_notify_example.png b/doc/source/images/simple_notify_example.png new file mode 100644 index 00000000..2e9c617c Binary files /dev/null and b/doc/source/images/simple_notify_example.png differ diff --git a/doc/source/images/ssl_warning.png b/doc/source/images/ssl_warning.png new file mode 100644 index 00000000..348a81a4 Binary files /dev/null and b/doc/source/images/ssl_warning.png differ diff --git a/doc/source/images/tab_bar.png b/doc/source/images/tab_bar.png new file mode 100644 index 00000000..9c5c74eb Binary files /dev/null and b/doc/source/images/tab_bar.png differ diff --git a/doc/source/images/theme_256_colors.png b/doc/source/images/theme_256_colors.png new file mode 100644 index 00000000..395f3d39 Binary files /dev/null and b/doc/source/images/theme_256_colors.png differ diff --git a/doc/source/images/vert_tabs.png b/doc/source/images/vert_tabs.png new file mode 100644 index 00000000..a48a8051 Binary files /dev/null and b/doc/source/images/vert_tabs.png differ diff --git a/doc/source/index.rst b/doc/source/index.rst index 8ec26348..ea744b26 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -15,6 +15,7 @@ Contents: themes commands dev/index + misc/index .. configure diff --git a/doc/source/misc/index.rst b/doc/source/misc/index.rst new file mode 100644 index 00000000..bf8fcb90 --- /dev/null +++ b/doc/source/misc/index.rst @@ -0,0 +1,22 @@ +Miscellaneous topics +==================== + +Contents: + +.. toctree:: + :maxdepth: 2 + + ssl + + +.. + configure + ssl + usage + themes + keys + plugins + misc + xep + dev + diff --git a/doc/source/misc/ssl.rst b/doc/source/misc/ssl.rst new file mode 100644 index 00000000..a012ebed --- /dev/null +++ b/doc/source/misc/ssl.rst @@ -0,0 +1,60 @@ +SSL Management +============== + +Starting from version 0.7.5, poezio offers some options to check the validity +of a X.509 certificate. + +TOFU +---- + +The default handling method is the `TOFU/TUFU`_ +method. At your first connection, poezio will save the hash of the certificate +received, and will compare the received one and the first one for the next +connections. + + +If you are paranoid (or run poezio for the first time in an unsafe +environment), you can set the _certificate_ value of your config file yourself +(the hash, not colon-separated). + + +If the certificate is not the same, poezio will show an error message and wait +for confirmation: + +.. figure:: ../images/ssl_warning.png + :alt: Warning message + +If you press y, the change is validated an poezio will match the next certs +with the accepted one. + +If you press n, you will get the confirmation that the change has been +refused, and you will be disconnected. + +CA-Based +-------- + +If you are connecting to a large server that has several front-facing +endpoints, you might be bothered by having to validate the change each time, +and you may want to check only if it the same authority delivered the +certificate. + +You can then set the *ca_cert_path* option to the path of a file containing +the validation chain in `PEM format`_ ; those certificates are usually in +/usr/share/ca-certificates/ but it may vary depending of your distribution. + + +If the authority does not match when connecting, you should be disconnected. + +None +---- + +If you do not want to bother with certificate validation at all (which can be +the case when you run poezio on the same computer as your jabber server), you +can set the *ignore_certificate* value to true, and let the *ca_cert_path* +option empty (or even remove it). + +.. warning:: Only do this if you know what you are doing, or you will be open + to Man in The Middle attacks! + +.. _TOFU/TUFU: https://en.wikipedia.org/wiki/User:Dotdotike/Trust_Upon_First_Use +.. _PEM format: https://tools.ietf.org/html/rfc1422.html diff --git a/doc/source/themes.rst b/doc/source/themes.rst index 92b88245..2a12d8c4 100644 --- a/doc/source/themes.rst +++ b/doc/source/themes.rst @@ -69,7 +69,7 @@ text white on black by default, a fg_color of -1 is white, and a bg_color of -1 is black). If it’s between 0 and 256 it represents one of the colors on the image: -.. figure:: ../images/theme_256_colors.png +.. figure:: ./images/theme_256_colors.png :alt: The list of all 256 colors The list of all 256 colors -- cgit v1.2.3