From 36cd749078bb7d7107e85f2c427213046faa19f3 Mon Sep 17 00:00:00 2001
From: Laurent Bercot <ska-skaware@skarnet.org>
Date: Wed, 6 May 2020 11:47:33 +0000
Subject:  Add -e option to s6-tlsserver

---
 doc/s6-tlsserver.html | 14 +++++++++++++-
 doc/upgrade.html      |  3 ++-
 2 files changed, 15 insertions(+), 2 deletions(-)

(limited to 'doc')

diff --git a/doc/s6-tlsserver.html b/doc/s6-tlsserver.html
index bb3301f..6c1395d 100644
--- a/doc/s6-tlsserver.html
+++ b/doc/s6-tlsserver.html
@@ -148,6 +148,19 @@ generally work, but unless you're running a very public server
 certificates, you probably still want TCP access rules.
 </p>
 
+<h3> Options handled directly by s6-tlsserver </h3>
+
+<ul>
+ <li> <tt>-e</tt>:&nbsp;: indicates that
+<a href="s6-tcpserver-access.html">s6-tcpserver-access</a> should
+be invoked, even if no other option requires it, even in the absence
+of an access control ruleset. This ensures that <em>prog...</em>
+will always have access to environment variables such as TCPLOCALPORT.
+This option also ensures that the log does not get spammed with
+spurious "no ruleset" warnings if the <tt>-v</tt> option has been
+given but no <tt>-i</tt> or <tt>-x</tt> option. </li>
+</ul>
+
 <h3> Options passed as is to s6-tcpserver </h3>
 
 <ul>
@@ -192,7 +205,6 @@ certificates, you probably still want TCP access rules.
 
 <h2> Example </h2>
 
-
 <p>
  As root:
   <code> KEYFILE=/etc/ssl/private/mykey.der CERTFILE=/etc/ssl/public/mycert.pem \
diff --git a/doc/upgrade.html b/doc/upgrade.html
index 6928777..d9c168c 100644
--- a/doc/upgrade.html
+++ b/doc/upgrade.html
@@ -28,8 +28,9 @@ dependency bumped to 2.6.0.1. </li>
  <li> <a href="https://libressl.org">LibreSSL</a>
 optional dependency bumped to 3.0.2. </li>
  <li> <a href="s6-tlsserver.html">s6-tlsserver</a> now includes
+the <tt>-e</tt> option to invoke
 <a href="s6-tcpserver-access.html">s6-tcpserver-access</a>
-functionality, and accepts corresponding options. </li>
+unconditionally. </li>
 </ul>
 
 <h2> in 2.3.1.2 </h2>
-- 
cgit v1.2.3