commit - cedb48e05215d560cda65d66ed0f4cc9bd3a9cb6
commit + eb4388ee431fd55a5d1a9831935fb2eb77f46be9
blob - 393cd886c3af02a75255c128e80daa3497acad73
blob + 29eb896eea48da05f013fe9449898d56ba85677d
--- ChangeLog
+++ ChangeLog
2021-04-25 Omar Polo <op@omarpolo.com>
+ * hash.c (telescope_lookup_tofu): save certificates per (host, port) tuple, not only per-host
+
* configure.ac: tagged 0.1.1
* gemini.c (blocking_conn_towards): fix compilation if !HAVE_ASR_RUN
blob - 85da37ed241f9e889a3c21f4f5ed5f1a1d884755
blob + 493503f978fc585e875d1ac84a289b1cac1d527c
--- hash.c
+++ hash.c
#include "telescope.h"
#include <stdlib.h>
+#include <string.h>
static void *hash_alloc(size_t, void*);
static void *hash_calloc(size_t, size_t, void*);
}
struct tofu_entry *
-telescope_lookup_tofu(struct ohash *h, const char *domain)
+telescope_lookup_tofu(struct ohash *h, const char *domain, const char *port)
{
+ char buf[GEMINI_URL_LEN];
unsigned int slot;
- slot = ohash_qlookup(h, domain);
+ strlcpy(buf, domain, sizeof(buf));
+ if (port != NULL && *port != '\0' && strcmp(port, "1965")) {
+ strlcat(buf, ":", sizeof(buf));
+ strlcat(buf, port, sizeof(buf));
+ }
+
+ slot = ohash_qlookup(h, buf);
return ohash_find(h, slot);
}
blob - eba38de500bc81123c6b190def37f8f30bdd0caa
blob + 0114a9fca20231e26c4a1b3db5c6e8a57605665b
--- telescope.1
+++ telescope.1
where:
.Bl -tag -width 12m
.It HOST
-is the hostname.
+the hostname, optionally followed by a colon (":") and a port number.
.It HASH
is the hash of the certificate, as outputted by
.Xr tls_peer_cert_hash 3 .
blob - 135e8f3fcd9aa1ce68a299ecea4f6ccd80c295b5
blob + e251634d6a37fb0eff87424768dbafd912f746b6
--- telescope.c
+++ telescope.c
tab = tab_by_id(imsg->hdr.peerid);
- if ((e = telescope_lookup_tofu(&certs, tab->uri.host)) == NULL) {
+ if ((e = telescope_lookup_tofu(&certs, tab->uri.host, tab->uri.port)) == NULL) {
/* TODO: an update in libressl/libretls changed
* significantly. Find a better approach at storing
* the certs! */
if ((e = calloc(1, sizeof(*e))) == NULL)
abort();
strlcpy(e->domain, tab->uri.host, sizeof(e->domain));
+ if (*tab->uri.port != '\0' && strcmp(tab->uri.port, "1965")) {
+ strlcat(e->domain, ":", sizeof(e->domain));
+ strlcat(e->domain, tab->uri.port, sizeof(e->domain));
+ }
strlcpy(e->hash, hash, sizeof(e->hash));
telescope_ohash_insert(&certs, e);
imsg_compose(fsibuf, IMSG_SAVE_CERT, tab->id, 0, -1,
blob - cb99ea7a939f7c5230e0b2f68e0d635a17c38f8b
blob + fe940e5a5b5676539699936256b935d90222e28b
--- telescope.h
+++ telescope.h
/* hash.c */
void telescope_ohash_init(struct ohash*, unsigned int, ptrdiff_t);
-struct tofu_entry *telescope_lookup_tofu(struct ohash*, const char*);
+struct tofu_entry *telescope_lookup_tofu(struct ohash*, const char*, const char*);
void telescope_ohash_insert(struct ohash*, struct tofu_entry*);
/* hist.c */