Create the certificate store if it does not exist

2020-09-29 11:12:23 -04:00 · 2020-09-29 11:12:23 -04:00 · fbc1f76194
commit fbc1f76194
parent 8facfabec5
5 changed files with 7 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -84,12 +84,10 @@ Gemini takes advantage of client certificates for authentication.

 If a server responds with `StatusCertificateRequired`, clients will generate a
 certificate for the site and resend the request with the provided certificate.
-The default client handles this for you. Other clients must specify the fields
-`CertificateStore` and `GetCertificate`:
+The default client handles this for you. Other clients must specify the field
+`GetCertificate`:

 ```go
-// Initialize the certificate store.
-client.CertificateStore = gmi.CertificateStore{}
 // GetCertificate is called when a server requests a certificate.
 // The returned certificate, if not nil, will be used when resending the request.
 client.GetCertificate = func(hostname string, store gmi.CertificateStore) *tls.Certificate {
@ -109,7 +107,6 @@ client.GetCertificate = func(hostname string, store gmi.CertificateStore) *tls.C
 }
 ```

-
 Servers can then authenticate their clients with the fingerprint of their
 certificates.

--- a/client.go
+++ b/client.go
@ -276,6 +276,10 @@ func (c *Client) Send(req *Request) (*Response, error) {
 		if req.Certificate != nil {
 			return resp, nil
 		}
+		// Create the certificate store if it does not exist
+		if c.CertificateStore == nil {
+			c.CertificateStore = CertificateStore{}
+		}
 		if c.GetCertificate != nil {
 			if cert := c.GetCertificate(req.Hostname(), c.CertificateStore); cert != nil {
 				req.Certificate = cert
--- a/examples/auth/auth.go
+++ b/examples/auth/auth.go
@ -79,7 +79,7 @@ func login(rw *gmi.ResponseWriter, req *gmi.Request) {
 			sessions[fingerprint] = &session{
 				username: username,
 			}
-			gmi.Redirect(rw, req, "/login#password")
+			gmi.Redirect(rw, req, "/login/password")
 		})
 	})
 }
--- a/examples/client/client.go
+++ b/examples/client/client.go
@ -48,8 +48,6 @@ func init() {
 		}
 		return err
 	}
-
-	client.CertificateStore = gmi.CertificateStore{}
 	client.GetCertificate = func(hostname string, store gmi.CertificateStore) *tls.Certificate {
 		// If the certificate is in the store, return it
 		if cert, ok := store[hostname]; ok {
--- a/gemini.go
+++ b/gemini.go
@ -76,7 +76,6 @@ func init() {
 var setupDefaultClientOnce sync.Once

 func setupDefaultClient() {
-	DefaultClient.CertificateStore = CertificateStore{}
 	DefaultClient.KnownHosts.Load()
 }