service: add a way to reset a network certfp

2023-08-09 18:04:30 +02:00 · 2023-08-09 18:04:30 +02:00 · fc1151326c
parent 97cfb366b0
commit fc1151326c
2 changed files with 5 additions and 2 deletions
--- a/doc/soju.1.scd
+++ b/doc/soju.1.scd
@ -258,7 +258,8 @@ character.
 		Instead of using certificate authorities to check the server's TLS
 		certificate, check whether the server certificate matches the provided
 		fingerprint. This can be used to connect to servers using self-signed
-		certificates. The fingerprint format is SHA512.
+		certificates. The fingerprint format is SHA512. An empty string
+		removes any previous fingerprint.

 	*-nick* <nickname>
 		Connect with the specified nickname. By default, the account's username
--- a/service.go
+++ b/service.go
@ -530,7 +530,9 @@ func (fs *networkFlagSet) update(network *database.Network) error {
 		if _, err := hex.DecodeString(certFP); err != nil {
 			return fmt.Errorf("the certificate fingerprint must be hex-encoded")
 		}
-		if len(certFP) == 64 {
+		if len(certFP) == 0 {
+			network.CertFP = ""
+		} else if len(certFP) == 64 {
 			network.CertFP = "sha-256:" + certFP
 		} else if len(certFP) == 128 {
 			network.CertFP = "sha-512:" + certFP