| author | adnano <[email protected]> | 2020-09-25 21:43:13 -0400 |
|---|---|---|
| committer | adnano <[email protected]> | 2020-09-25 21:43:13 -0400 |
| commit | b4295dd2dc0e2a1cfe1bb932833f10896d23f26f (patch) | |
| tree | 8b9dc74056dda28d902038474cf9949c4101e6f0 /examples | |
| parent | Add KnownHost.Write function (diff) | |
Implement basic TOFU
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/client/client.go | 14 | ||||
| -rw-r--r-- | examples/server/server.go | 5 |
2 files changed, 7 insertions, 12 deletions
diff --git a/examples/client/client.go b/examples/client/client.go
index 89bdb12..6887ebf 100644
--- a/examples/client/client.go
+++ b/examples/client/client.go
@@ -14,12 +14,12 @@ import (
 )
 var (
- client = &gemini.Client{
- VerifyCertificate: func(cert *x509.Certificate, req *gemini.Request) error {
- return nil
+ client = &gemini.TOFUClient{
+ Trusts: func(cert *x509.Certificate, req *gemini.Request) bool {
+ // Trust all certificates
+ return true
 },
 }
-
 cert tls.Certificate
 )
@@ -29,7 +29,7 @@ func init() {
 //
 // openssl genrsa -out client.key 2048
 // openssl ecparam -genkey -name secp384r1 -out client.key
- // openssl req -new -x509 -sha256 -key client.key -out client.crt -days 3650
+ // openssl req -new -x509 -sha512 -key client.key -out client.crt -days 365
 //
 var err error
 cert, err = tls.LoadX509KeyPair("examples/client/client.crt", "examples/client/client.key")
@@ -45,13 +45,11 @@ func makeRequest(url string) {
 }
 req.Certificate = cert
- resp, err := client.Send(req)
+ resp, err := gemini.Send(client, req)
 if err != nil {
 log.Fatal(err)
 }
- fmt.Println(gemini.Fingerprint(resp.TLS.PeerCertificates[0]))
-
 fmt.Println("Status code:", resp.Status)
 fmt.Println("Meta:", resp.Meta)
diff --git a/examples/server/server.go b/examples/server/server.go
index 02e8643..f99c6cd 100644
--- a/examples/server/server.go
+++ b/examples/server/server.go
@@ -15,7 +15,7 @@ func main() {
 //
 // openssl genrsa -out server.key 2048
 // openssl ecparam -genkey -name secp384r1 -out server.key
- // openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650
+ // openssl req -new -x509 -sha512 -key server.key -out server.crt -days 365
 //
 cert, err := tls.LoadX509KeyPair("examples/server/server.crt", "examples/server/server.key")
 if err != nil {
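Review bot: The `Trusts` callback added in the first hunk of examples/client/client.go returns `true` for every certificate, so the example never makes a trust decision. If `Trusts` is what `TOFUClient` consults for a host it has not seen before (the client's implementation is not visible in this diff), whatever certificate is presented on first contact is accepted silently. The third hunk also drops the `gemini.Fingerprint(...)` print, so someone running the example no longer sees which certificate was accepted. I would reword the comment to `// Example only: accepts any certificate; a real client should confirm the fingerprint with the user.` and add `log.Print("trusting ", gemini.Fingerprint(cert))` before `return true`, assuming `gemini.Fingerprint` is still exported after this commit.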
@@ -27,9 +27,6 @@ func main() {
 rw.WriteHeader(gemini.StatusSuccess, "text/gemini")
 rw.Write([]byte("You requested " + req.URL.String()))
 log.Printf("Request from %s for %s", req.RemoteAddr.String(), req.URL)
- if len(req.TLS.PeerCertificates) != 0 {
- log.Print("Client certificate: ", gemini.Fingerprint(req.TLS.PeerCertificates[0]))
- }
 })
 server := gemini.Server{ |