commit eb4388ee431fd55a5d1a9831935fb2eb77f46be9
from: Omar Polo
date: Sun Apr 25 14:20:37 2021 UTC
save certificates per (host, port) tuple, not only per-host
commit - cedb48e05215d560cda65d66ed0f4cc9bd3a9cb6
commit + eb4388ee431fd55a5d1a9831935fb2eb77f46be9
blob - 393cd886c3af02a75255c128e80daa3497acad73
blob + 29eb896eea48da05f013fe9449898d56ba85677d
--- ChangeLog
+++ ChangeLog
@@ -1,5 +1,7 @@
 2021-04-25 Omar Polo
+ * hash.c (telescope_lookup_tofu): save certificates per (host, port) tuple, not only per-host
+ * configure.ac: tagged 0.1.1 * gemini.c (blocking_conn_towards): fix compilation if !HAVE_ASR_RUN
blob - 85da37ed241f9e889a3c21f4f5ed5f1a1d884755
blob + 493503f978fc585e875d1ac84a289b1cac1d527c
--- hash.c
+++ hash.c
@@ -17,6 +17,7 @@
 #include "telescope.h"
 #include
+#include
 static void *hash_alloc(size_t, void*);
 static void *hash_calloc(size_t, size_t, void*);
@@ -58,11 +59,18 @@ telescope_ohash_init(struct ohash *h, unsigned int sz,
 }
 struct tofu_entry *
-telescope_lookup_tofu(struct ohash *h, const char *domain)
+telescope_lookup_tofu(struct ohash *h, const char *domain, const char *port)
 {
+ char buf[GEMINI_URL_LEN];
 unsigned int slot;
- slot = ohash_qlookup(h, domain);
+ strlcpy(buf, domain, sizeof(buf));
+ if (port != NULL && *port != '\0' && strcmp(port, "1965")) {
+ strlcat(buf, ":", sizeof(buf));
+ strlcat(buf, port, sizeof(buf));
+ }
+
+ slot = ohash_qlookup(h, buf);
 return ohash_find(h, slot);
 }
blob - eba38de500bc81123c6b190def37f8f30bdd0caa
blob + 0114a9fca20231e26c4a1b3db5c6e8a57605665b
--- telescope.1
+++ telescope.1
@@ -61,7 +61,7 @@ single space, according to the following format:
 where:
 .Bl -tag -width 12m
 .It HOST
-is the hostname.
+the hostname, optionally followed by a colon (":") and a port number.
 .It HASH
 is the hash of the certificate, as outputted by
 .Xr tls_peer_cert_hash 3 .
blob - 135e8f3fcd9aa1ce68a299ecea4f6ccd80c295b5
blob + e251634d6a37fb0eff87424768dbafd912f746b6
--- telescope.c
+++ telescope.c
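Review bot: In the hash.c hunk for telescope_lookup_tofu, the results of `strlcpy` and the two `strlcat` calls are never checked, so a host plus port that does not fit in `buf[GEMINI_URL_LEN]` is silently truncated and the lookup runs with a shortened key. A trust-on-first-use store needs an exact key, so compare each return value with the buffer size, e.g. `if (strlcat(buf, port, sizeof(buf)) >= sizeof(buf))`, and report overflow as an error instead of an ordinary hit or miss. The second telescope.c hunk builds the same key into `e->domain`, whose size is not visible here; if it is smaller than GEMINI_URL_LEN, the stored key and the looked-up key can diverge. Building the key in one shared helper called from both places would keep the two copies identical.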
@@ -100,7 +100,7 @@ handle_imsg_check_cert(struct imsg *imsg, size_t datal
 tab = tab_by_id(imsg->hdr.peerid);
- if ((e = telescope_lookup_tofu(&certs, tab->uri.host)) == NULL) {
+ if ((e = telescope_lookup_tofu(&certs, tab->uri.host, tab->uri.port)) == NULL) {
 /* TODO: an update in libressl/libretls changed
 * significantly. Find a better approach at storing
 * the certs! */
@@ -111,6 +111,10 @@ handle_imsg_check_cert(struct imsg *imsg, size_t datal
 if ((e = calloc(1, sizeof(*e))) == NULL)
 abort();
 strlcpy(e->domain, tab->uri.host, sizeof(e->domain));
+ if (*tab->uri.port != '\0' && strcmp(tab->uri.port, "1965")) {
+ strlcat(e->domain, ":", sizeof(e->domain));
+ strlcat(e->domain, tab->uri.port, sizeof(e->domain));
+ }
 strlcpy(e->hash, hash, sizeof(e->hash));
 telescope_ohash_insert(&certs, e);
 imsg_compose(fsibuf, IMSG_SAVE_CERT, tab->id, 0, -1,
blob - cb99ea7a939f7c5230e0b2f68e0d635a17c38f8b
blob + fe940e5a5b5676539699936256b935d90222e28b
--- telescope.h
+++ telescope.h
@@ -203,7 +203,7 @@ void gemtext_initparser(struct parser*);
 /* hash.c */
 void telescope_ohash_init(struct ohash*, unsigned int, ptrdiff_t);
-struct tofu_entry *telescope_lookup_tofu(struct ohash*, const char*);
+struct tofu_entry *telescope_lookup_tofu(struct ohash*, const char*, const char*);
 void telescope_ohash_insert(struct ohash*, struct tofu_entry*);
 /* hist.c */
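Review bot: The default-port test added in the second telescope.c hunk, `if (*tab->uri.port != '\0' && strcmp(tab->uri.port, "1965"))`, compares the port as text, so the stored key depends on how the port was spelled in the URL. Whether the URL parser normalises the port before it reaches `tab->uri.port` is not visible in this hunk; if it does not, one endpoint can be stored under more than one key and its pinned entry would not be consulted. The literal `"1965"` is repeated in hash.c, so a shared named constant and an explicit `!= 0` on the `strcmp` would make the intent clearer. handle_imsg_check_cert starts and ends outside the hunk.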