diff options
| author | Hugo Wetterberg <[email protected]> | 2021-01-13 22:33:48 +0100 |
|---|---|---|
| committer | Adnan Maolood <[email protected]> | 2021-01-14 13:48:57 -0500 |
| commit | 95aff9c573f74da276d9fe76df3ddbd33462be9c (patch) | |
| tree | c6160da2b2f8f3ab93ce87f16b0028703e8fc0e7 /examples | |
| parent | client: set the client timout on the dialer, close connection on err (diff) | |
| download | go-gemini-95aff9c573f74da276d9fe76df3ddbd33462be9c.tar.xz go-gemini-95aff9c573f74da276d9fe76df3ddbd33462be9c.zip | |
tofu: Refactor
This commit changes underlying file handling and known hosts parsing.
A known hosts file opened through Load() never closed the underlying
file. During known hosts parsing most errors were unchecked, or just
led to the line being skipped.
I removed the KnownHosts type, which didn't really have a role after
the refactor. The embedding of KnownHosts in KnownHosts file has been
removed as it also leaked the map unprotected by the mutex.
The Fingerprint type is now KnownHost and has taken over the
responsibility of marshalling and unmarshalling.
SetOutput now takes a WriteCloser so that we can close the underlying
writer when it's replaced, or when it's explicitly closed through the
new Close() function.
KnownHostsFile.Add() now also writes the known host to the output if
set. I think that makes sense expectation-wise for the type.
Turned WriteAll() into WriteTo() to conform with the io.WriterTo
interface.
Load() is now Open() to better reflect the fact that a file is opened,
and kept open. It can now also return errors from the parsing process.
The parser does a lot more error checking, and this might be an area
where I've changed a desired behaviour as invalid entries no longer
are ignored, but aborts the parsing process. That could be changed to
a warning, or some kind of parsing feedback.
I added KnownHostsFile.TOFU() to fill the developer experience gap
that was left after the client no longer knows about
KnownHostsFile. It implements a basic non-interactive TOFU flow.
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/client.go | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/examples/client.go b/examples/client.go index 251c6cd..60c8351 100644 --- a/examples/client.go +++ b/examples/client.go @@ -6,6 +6,7 @@ package main import ( "bufio" + "bytes" "crypto/x509" "errors" "fmt" @@ -29,7 +30,7 @@ var ( func init() { // Load known hosts file path := filepath.Join(xdg.DataHome(), "gemini", "known_hosts") - err := hosts.Load(path) + err := hosts.Open(path) if err != nil { log.Println(err) } @@ -47,25 +48,24 @@ Otherwise, this should be safe to trust. => ` func trustCertificate(hostname string, cert *x509.Certificate) error { - fingerprint := tofu.NewFingerprint(cert.Raw, cert.NotAfter) + host := tofu.NewKnownHost(hostname, cert.Raw, cert.NotAfter) + knownHost, ok := hosts.Lookup(hostname) if ok && time.Now().Before(knownHost.Expires) { // Check fingerprint - if knownHost.Hex == fingerprint.Hex { + if bytes.Equal(knownHost.Fingerprint, host.Fingerprint) { return nil } return errors.New("error: fingerprint does not match!") } - fmt.Printf(trustPrompt, hostname, fingerprint.Hex) + fmt.Printf(trustPrompt, hostname, host.Fingerprint) scanner.Scan() switch scanner.Text() { case "t": - hosts.Add(hostname, fingerprint) - hosts.Write(hostname, fingerprint) + hosts.Add(host) return nil case "o": - hosts.Add(hostname, fingerprint) return nil default: return errors.New("certificate not trusted") |