forked from sloum/bombadillo
Compare commits
8 Commits
master
...
gemini-cer
Author | SHA1 | Date |
---|---|---|
sloum | 00313442d4 | |
sloum | cb151f75aa | |
Sloom Sloum Sluom IV | 36ae4a228f | |
sloum | 961bdfc92f | |
sloum | 26b3223379 | |
sloum | cdfec887fd | |
sloum | bfb6b85844 | |
sloum | 9af1a4d642 |
|
@ -106,6 +106,10 @@ R
|
|||
Reload the current page (does not destroy forward history).
|
||||
.TP
|
||||
.B
|
||||
1, 2, 3, 4, 5, 6, 7, 8, 9, 0
|
||||
Quick navigation to the first 10 links on a page. The 0 key will navigate to the link numbered '10', all other numbers navigate to their matching link number.
|
||||
.TP
|
||||
.B
|
||||
u
|
||||
Scroll up an amount corresponding to 75% of your terminal window height in the current document.
|
||||
.TP
|
||||
|
|
|
@ -162,6 +162,12 @@ func (c *client) TakeControlInput() {
|
|||
input := cui.Getch()
|
||||
|
||||
switch input {
|
||||
case '1', '2', '3', '4', '5', '6', '7', '8', '9', '0':
|
||||
if input == '0' {
|
||||
c.goToLink("10")
|
||||
} else {
|
||||
c.goToLink(string(input))
|
||||
}
|
||||
case 'j', 'J':
|
||||
// scroll down one line
|
||||
c.ClearMessage()
|
||||
|
|
|
@ -56,8 +56,8 @@ func Exit(exitCode int, msg string) {
|
|||
// InitTerm sets the terminal modes appropriate for Bombadillo
|
||||
func InitTerm() {
|
||||
SetCharMode()
|
||||
Tput("rmam") // turn off line wrapping
|
||||
Tput("smcup") // use alternate screen
|
||||
Tput("rmam") // turn off line wrapping
|
||||
}
|
||||
|
||||
// CleanupTerm reverts changs to terminal mode made by InitTerm
|
||||
|
|
|
@ -49,8 +49,8 @@ func (t *TofuDigest) Purge(host string) error {
|
|||
return fmt.Errorf("Invalid host %q", host)
|
||||
}
|
||||
|
||||
func (t *TofuDigest) Add(host, hash string) {
|
||||
t.certs[strings.ToLower(host)] = hash
|
||||
func (t *TofuDigest) Add(host, hash string, time int64) {
|
||||
t.certs[strings.ToLower(host)] = fmt.Sprintf("%s|%d", hash, time)
|
||||
}
|
||||
|
||||
func (t *TofuDigest) Exists(host string) bool {
|
||||
|
@ -67,12 +67,11 @@ func (t *TofuDigest) Find(host string) (string, error) {
|
|||
return "", fmt.Errorf("Invalid hostname, no key saved")
|
||||
}
|
||||
|
||||
func (t *TofuDigest) Match(host string, cState *tls.ConnectionState) error {
|
||||
host = strings.ToLower(host)
|
||||
func (t *TofuDigest) Match(host, localCert string, cState *tls.ConnectionState) error {
|
||||
now := time.Now()
|
||||
|
||||
for _, cert := range cState.PeerCertificates {
|
||||
if t.certs[host] != hashCert(cert.Raw) {
|
||||
if localCert != hashCert(cert.Raw) {
|
||||
continue
|
||||
}
|
||||
|
||||
|
@ -118,13 +117,40 @@ func (t *TofuDigest) newCert(host string, cState *tls.ConnectionState) error {
|
|||
continue
|
||||
}
|
||||
|
||||
t.Add(host, hashCert(cert.Raw))
|
||||
t.Add(host, hashCert(cert.Raw), cert.NotAfter.Unix())
|
||||
return nil
|
||||
}
|
||||
|
||||
return fmt.Errorf(reasons.String())
|
||||
}
|
||||
|
||||
func (t *TofuDigest) GetCertAndTimestamp(host string) (string, int64, error) {
|
||||
certTs, err := t.Find(host)
|
||||
if err != nil {
|
||||
return "", -1, err
|
||||
}
|
||||
certTsSplit := strings.SplitN(certTs, "|", -1)
|
||||
if len(certTsSplit) < 2 {
|
||||
_ = t.Purge(host)
|
||||
return certTsSplit[0], -1, fmt.Errorf("Invalid certstring, no delimiter")
|
||||
}
|
||||
ts, err := strconv.ParseInt(certTsSplit[1], 10, 64)
|
||||
if err != nil {
|
||||
_ = t.Purge(host)
|
||||
return certTsSplit[0], -1, err
|
||||
}
|
||||
now := time.Now()
|
||||
if ts < now.Unix() {
|
||||
// Ignore error return here since an error would indicate
|
||||
// the host does not exist and we have already checked for
|
||||
// that and the desired outcome of the action is that the
|
||||
// host will no longer exist, so we are good either way
|
||||
_ = t.Purge(host)
|
||||
return "", -1, fmt.Errorf("Expired cert")
|
||||
}
|
||||
return certTsSplit[0], ts, nil
|
||||
}
|
||||
|
||||
func (t *TofuDigest) IniDump() string {
|
||||
if len(t.certs) < 1 {
|
||||
return ""
|
||||
|
@ -176,9 +202,11 @@ func Retrieve(host, port, resource string, td *TofuDigest) (string, error) {
|
|||
return "", fmt.Errorf("Insecure, no certificates offered by server")
|
||||
}
|
||||
|
||||
if td.Exists(host) {
|
||||
localCert, localTs, err := td.GetCertAndTimestamp(host)
|
||||
|
||||
if localTs > 0 {
|
||||
// See if we have a matching cert
|
||||
err := td.Match(host, &connState)
|
||||
err := td.Match(host, localCert, &connState)
|
||||
if err != nil && err.Error() != "EXP" {
|
||||
// If there is no match and it isnt because of an expiration
|
||||
// just return the error
|
||||
|
|
17
main.go
17
main.go
|
@ -25,8 +25,10 @@ import (
|
|||
"os"
|
||||
"os/signal"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"tildegit.org/sloum/bombadillo/config"
|
||||
"tildegit.org/sloum/bombadillo/cui"
|
||||
|
@ -132,7 +134,20 @@ func loadConfig() {
|
|||
}
|
||||
|
||||
for _, v := range settings.Certs {
|
||||
bombadillo.Certs.Add(v.Key, v.Value)
|
||||
// Remove expired certs
|
||||
vals := strings.SplitN(v.Value, "|", -1)
|
||||
if len(vals) < 2 {
|
||||
continue
|
||||
}
|
||||
ts, err := strconv.ParseInt(vals[1], 10, 64)
|
||||
now := time.Now()
|
||||
if err != nil || now.Unix() > ts {
|
||||
continue
|
||||
}
|
||||
// Satisfied that the cert is not expired
|
||||
// or malformed: add to the current client
|
||||
// instance
|
||||
bombadillo.Certs.Add(v.Key, vals[0], ts)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue