Minor fix to how we verify hostnames #197

Merged
sloum merged 2 commits from tls-commonname-check into release2.3.3 2020-11-06 03:28:33 +00:00
Owner

I thought I had already added this fix to this release (or an earlier one), but a look at the codebase revealed I had not. This is an important fix to make sure that Bombadillo will still work with gemini hostname verification when compiled by Go version >= 15.0

If either the hostname or the common name match then we consider it valid. This is in line with the behavior of @makeworld 's amfora client and their go-gemini library. I would very much like this to be in the 2.3.3 release (which I may rename to 2.4.0 and merge to master after it lands on develop, there are enough package managers pulling off of master now that this seems like a good idea).

I thought I had already added this fix to this release (or an earlier one), but a look at the codebase revealed I had not. This is an important fix to make sure that Bombadillo will still work with gemini hostname verification when compiled by Go version >= 15.0 If _either_ the hostname or the common name match then we consider it valid. This is in line with the behavior of @makeworld 's amfora client and their go-gemini library. I would very much like this to be in the 2.3.3 release (which I may rename to 2.4.0 and merge to master after it lands on develop, there are enough package managers pulling off of master now that this seems like a good idea).
sloum merged commit ebcd1ff1d7 into release2.3.3 2020-11-06 03:28:34 +00:00
sloum deleted branch tls-commonname-check 2020-11-06 03:28:40 +00:00
First-time contributor

The current method my go-gemini uses does not support CommonName only wildcards. You will have to add more code to have full support. Currently go-gemini will only support wildcards if the wildcard string (like *.example.com) is also in the SAN area. I plan on fixing this, and Bombadillo probably should too.

See this for more details (note it's referring to a different go-gemini library): https://lists.orbitalfox.eu/archives/gemini/2020/003018.html

The current method my go-gemini uses does not support CommonName only wildcards. You will have to add more code to have full support. Currently go-gemini will only support wildcards if the wildcard string (like `*.example.com`) is also in the SAN area. I plan on fixing this, and Bombadillo probably should too. See this for more details (note it's referring to a different go-gemini library): https://lists.orbitalfox.eu/archives/gemini/2020/003018.html
Author
Owner

Awesome. Thanks for letting me know @makeworld. I'm not sure I will do so for this release (as I was trying to wrap things up tonight), but I will be sure to start work on that soon :)

At the very least, this PR will provide improved behavior for a more common use case. It has been awhile, things going well? I have not made a new build of amfora in a spell. Cool new stuff?

Awesome. Thanks for letting me know @makeworld. I'm not sure I will do so for this release (as I was trying to wrap things up tonight), but I will be sure to start work on that soon :) At the very least, this PR will provide improved behavior for a more common use case. It has been awhile, things going well? I have not made a new build of amfora in a spell. Cool new stuff?
First-time contributor

Same here, I should work on it soon.

It has been a while! And same, I've been meaning to check out bombadillo again. I just released a new Amfora version yesterday, feeling good about it. Got some early client cert support in, and fixed ANSI rendering, so Astrobotany is looking nice :)

Same here, I should work on it soon. It has been a while! And same, I've been meaning to check out bombadillo again. I just released a new Amfora version yesterday, feeling good about it. Got some early client cert support in, and fixed ANSI rendering, so Astrobotany is looking nice :)
Author
Owner

Awesome! Out of curiosity, what ansi rendering stuff needed fixing?

Awesome! Out of curiosity, what ansi rendering stuff needed fixing?
First-time contributor

I changed the way some color stuff is rendered a while time ago (by setting the text color and bg at the start of each line), which was overriding any ANSI color codes. Here's the issue and the commit. Basically just stopped resetting the text color each line.

I changed the way some color stuff is rendered a while time ago (by setting the text color and bg at the start of each line), which was overriding any ANSI color codes. Here's the [issue](https://github.com/makeworld-the-better-one/amfora/issues/59) and the [commit](https://github.com/makeworld-the-better-one/amfora/commit/819023daec1b5f207c8713ecc884936808610c3f). Basically just stopped resetting the text color each line.
Sign in to join this conversation.
No reviewers
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sloum/bombadillo#197
No description provided.