ref: d1415c2ea0cb13fd4504a51687863687e75409b8
parent: 358c45c5326b463845e900fd8f16475c85a8d681
author: glenda <glenda@9front.local>
date: Mon Jun 21 17:23:35 EDT 2021
add ssh-style thumbprint error message (thanks izaki)
--- a/tls.c
+++ b/tls.c
@@ -19,7 +19,10 @@
sha1(cert, certlen, digest, nil);
table = initThumbprints("/sys/lib/tls/rdp", "/sys/lib/tls/rdp.exclude", "x224"); if(!table || !okThumbprint(digest, SHA1dlen, table)){- werrstr("server certificate %.*H not recognized", SHA1dlen, digest);+ werrstr("server certificate not recognized");+ fprint(2, "verify server certificate %.*H \n", SHA1dlen, digest);
+ fprint(2, "add thumbprint after verification\n");
+ fprint(2, "\techo 'x224 sha1=%.*H' >> %q\n", SHA1dlen, digest, "/sys/lib/tls/rdp");
return 0;
}
freeThumbprints(table);