sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

examples/client: Fix fingerprint check

Browse Source
This commit is contained in:
Adnan Maolood 2020-12-19 13:44:33 -05:00
parent 80ffa72863
commit 48fa6a724e
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
examples/client.go
View File

@ -46,13 +46,16 @@ Otherwise, this should be safe to trust.
=> ` => `
func trustCertificate(hostname string, cert *x509.Certificate) error { func trustCertificate(hostname string, cert *x509.Certificate) error {
fingerprint := gemini.NewFingerprint(cert.Raw, cert.NotAfter)
knownHost, ok := hosts.Lookup(hostname) knownHost, ok := hosts.Lookup(hostname)
if ok && time.Now().Before(knownHost.Expires) { if ok && time.Now().Before(knownHost.Expires) {
// Certificate is in known hosts file and is not expired // Check fingerprint
if knownHost.Hex == fingerprint.Hex {
return nil return nil
} }
return errors.New("error: fingerprint does not match!")
}
fingerprint := gemini.NewFingerprint(cert.Raw, cert.NotAfter)
fmt.Printf(trustPrompt, hostname, fingerprint.Hex) fmt.Printf(trustPrompt, hostname, fingerprint.Hex)
scanner.Scan() scanner.Scan()
switch scanner.Text() { switch scanner.Text() {