Removes support for client certificates in Bombadillo #181
12
bombadillo.1
12
bombadillo.1
|
@ -33,7 +33,7 @@ Gopher is the default protocol for \fBbombadillo\fP. Any textual item types will
|
|||
.TP
|
||||
.B
|
||||
gemini
|
||||
Gemini is supported, but as a new protocol with an incomplete specification, features may change over time. At present Bombadillo supports TLS with a trust on first use certificate pinning system (similar to SSH). Client certificates are also supported as a configurable option. Gemini maps and other text types are rendered in the browser and non-text types will be downloaded.
|
||||
Gemini is supported, but as a new protocol with an incomplete specification, features may change over time. At present Bombadillo supports TLS with a trust on first use certificate pinning system (similar to SSH). Gemini maps and other text types are rendered in the browser and non-text types will be downloaded.
|
||||
.TP
|
||||
.B
|
||||
finger
|
||||
|
@ -259,16 +259,6 @@ Can toggle between visual modes. Valid values are \fInormal\fP, \fIcolor\fP, and
|
|||
.B
|
||||
timeout
|
||||
The number of seconds after which connections to gopher or gemini servers should time out if the server has not responded.
|
||||
.TP
|
||||
.B
|
||||
tlscertificate
|
||||
A path to a tls certificate file on a user's local filesystem. Defaults to NULL. Both \fItlscertificate\fP and \fItlskey\fP must be set for client certificates to work in gemini.
|
||||
.TP
|
||||
.B
|
||||
tlskey
|
||||
A path to a tls key that pairs with the tlscertificate setting, on a user's local filesystem. Defaults to NULL. Both \fItlskey\fP and \fItlscertificate\fP must be set for client certificates to work in gemini.
|
||||
.TP
|
||||
.B
|
||||
webmode
|
||||
Controls behavior when following web links. The following values are valid: \fInone\fP will disable following web links, \fIgui\fP will have the browser attempt to open web links in a user's default graphical web browser; \fIlynx\fP, \fIw3m\fP, and \fIelinks\fP will have the browser attempt to use the selected terminal web browser to handle the rendering of web pages and will display the pages directly in Bombadillo.
|
||||
|
||||
|
|
|
@ -451,9 +451,7 @@ func (c *client) doCommandAs(action string, values []string) {
|
|||
return
|
||||
}
|
||||
c.Options[values[0]] = lowerCaseOpt(values[0], val)
|
||||
if values[0] == "tlskey" || values[0] == "tlscertificate" {
|
||||
c.Certs.LoadCertificate(c.Options["tlscertificate"], c.Options["tlskey"])
|
||||
} else if values[0] == "geminiblocks" {
|
||||
if values[0] == "geminiblocks" {
|
||||
gemini.BlockBehavior = c.Options[values[0]]
|
||||
} else if values[0] == "timeout" {
|
||||
updateTimeouts(c.Options[values[0]])
|
||||
|
|
|
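Review bot: The option side effects in doCommandAs are still selected by an `if`/`else if` chain that re-compares `values[0]` on every arm. With the certificate arm gone, a `switch values[0] {` with `case "geminiblocks":` and `case "timeout":` would read more directly and make it harder to leave a stale arm behind when an option is retired. The chain and the enclosing function both continue past the end of the hunk, so any further arms would move into the switch as well.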
@ -55,8 +55,6 @@ var defaultOptions = map[string]string{
|
|||
"telnetcommand": "telnet",
|
||||
"theme": "normal", // "normal", "inverted", "color"
|
||||
"timeout": "15", // connection timeout for gopher/gemini in seconds
|
||||
"tlscertificate": "",
|
||||
"tlskey": "",
|
||||
"webmode": "none", // "none", "gui", "lynx", "w3m", "elinks"
|
||||
}
|
||||
|
||||
|
|
|
@ -23,7 +23,6 @@ type Capsule struct {
|
|||
|
||||
type TofuDigest struct {
|
||||
certs map[string]string
|
||||
ClientCert tls.Certificate
|
||||
}
|
||||
|
||||
var BlockBehavior string = "block"
|
||||
|
@ -33,15 +32,6 @@ var TlsTimeout time.Duration = time.Duration(15) * time.Second
|
|||
// + + + R E C E I V E R S + + + \\
|
||||
//--------------------------------------------------\\
|
||||
|
||||
func (t *TofuDigest) LoadCertificate(cert, key string) {
|
||||
certificate, err := tls.LoadX509KeyPair(cert, key)
|
||||
if err != nil {
|
||||
t.ClientCert = tls.Certificate{}
|
||||
return
|
||||
}
|
||||
t.ClientCert = certificate
|
||||
}
|
||||
|
||||
func (t *TofuDigest) Purge(host string) error {
|
||||
host = strings.ToLower(host)
|
||||
if host == "*" {
|
||||
|
@ -187,10 +177,6 @@ func Retrieve(host, port, resource string, td *TofuDigest) (string, error) {
|
|||
InsecureSkipVerify: true,
|
||||
}
|
||||
|
||||
conf.GetClientCertificate = func(*tls.CertificateRequestInfo) (*tls.Certificate, error) {
|
||||
return &td.ClientCert, nil
|
||||
}
|
||||
|
||||
conn, err := tls.DialWithDialer(&net.Dialer{Timeout: TlsTimeout}, "tcp", addr, conf)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("TLS Dial Error: %s", err.Error())
|
||||
|
@ -284,7 +270,7 @@ func Fetch(host, port, resource string, td *TofuDigest) ([]byte, error) {
|
|||
case 5:
|
||||
return make([]byte, 0), fmt.Errorf("[5] Permanent Failure.")
|
||||
case 6:
|
||||
return make([]byte, 0), fmt.Errorf("[6] Client Certificate Required")
|
||||
return make([]byte, 0), fmt.Errorf("[6] Client Certificate Required (Unsupported)")
|
||||
default:
|
||||
return make([]byte, 0), fmt.Errorf("Invalid response status from server")
|
||||
}
|
||||
|
@ -364,7 +350,7 @@ func Visit(host, port, resource string, td *TofuDigest) (Capsule, error) {
|
|||
case 5:
|
||||
return capsule, fmt.Errorf("[5] Permanent Failure. %s", header[1])
|
||||
case 6:
|
||||
return capsule, fmt.Errorf("[6] Client Certificate Required")
|
||||
return capsule, fmt.Errorf("[6] Client Certificate Required (Unsupported)")
|
||||
default:
|
||||
return capsule, fmt.Errorf("Invalid response status from server")
|
||||
}
|
||||
|
@ -449,5 +435,5 @@ func MakeCapsule() Capsule {
|
|||
}
|
||||
|
||||
func MakeTofuDigest() TofuDigest {
|
||||
return TofuDigest{make(map[string]string), tls.Certificate{}}
|
||||
return TofuDigest{make(map[string]string)}
|
||||
}
|
||||
|
|
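Review bot: In the Retrieve hunk, the `tls.Config` literal is left with `InsecureSkipVerify: true` and no comment explaining why, so a reader cannot tell from here that chain verification is off deliberately. If the trust-on-first-use check against `td` is what authenticates the server (it is not visible in this hunk, which starts and ends inside Retrieve), say so at the setting, e.g. `// Chain validation is disabled on purpose: the TOFU pin check against td is the only server authentication.` It would also be worth confirming that this check runs on every path before any response data is returned to the caller.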
5
main.go
5
main.go
|
@ -153,8 +153,8 @@ func loadConfig() {
|
|||
if len(vals) < 2 {
|
||||
continue
|
||||
}
|
||||
ts, err := strconv.ParseInt(vals[1], 10, 64)
|
||||
now := time.Now()
|
||||
ts, err := strconv.ParseInt(vals[1], 10, 64)
|
||||
if err != nil || now.Unix() > ts {
|
||||
continue
|
||||
}
|
||||
|
@ -168,9 +168,6 @@ func loadConfig() {
|
|||
func initClient() {
|
||||
bombadillo = MakeClient(" ((( Bombadillo ))) ")
|
||||
loadConfig()
|
||||
if bombadillo.Options["tlscertificate"] != "" && bombadillo.Options["tlskey"] != "" {
|
||||
bombadillo.Certs.LoadCertificate(bombadillo.Options["tlscertificate"], bombadillo.Options["tlskey"])
|
||||
}
|
||||
}
|
||||
|
||||
// In the event of specific signals, ensure the display is shown correctly.
|
||||
|
|