Differentiate between unknown and untrusted certificates

adnano 2020-09-26 13:27:03 -04:00
parent fc96076472
commit bf3e6b3c5c
4 changed files with 62 additions and 7 deletions


@ -51,9 +51,9 @@ clients. Here is a simple client using TOFU to authenticate certificates:
```go ```go
client := &gemini.Client{ client := &gemini.Client{
KnownHosts: gemini.LoadKnownHosts(".local/share/gemini/known_hosts"), KnownHosts: gemini.LoadKnownHosts(".local/share/gemini/known_hosts"),
TrustCertificate: func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) bool { TrustCertificate: func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
// If the certificate is in the known hosts list, allow the connection // If the certificate is in the known hosts list, allow the connection
if knownHosts.Has(cert) { if err := knownHosts.Lookup(cert); {
return true return true
} }
// Prompt the user // Prompt the user