shithub: rd

Download patch

ref: d1415c2ea0cb13fd4504a51687863687e75409b8
parent: 358c45c5326b463845e900fd8f16475c85a8d681
author: glenda <glenda@9front.local>
date: Mon Jun 21 17:23:35 EDT 2021

add ssh-style thumbprint error message (thanks izaki)

--- a/tls.c
+++ b/tls.c
@@ -19,7 +19,10 @@
 	sha1(cert, certlen, digest, nil);
 	table = initThumbprints("/sys/lib/tls/rdp", "/sys/lib/tls/rdp.exclude", "x224");
 	if(!table || !okThumbprint(digest, SHA1dlen, table)){
-		werrstr("server certificate %.*H not recognized", SHA1dlen, digest);
+		werrstr("server certificate not recognized");
+		fprint(2, "verify server certificate %.*H \n", SHA1dlen, digest);
+		fprint(2, "add thumbprint after verification\n");
+		fprint(2, "\techo 'x224 sha1=%.*H' >> %q\n", SHA1dlen, digest, "/sys/lib/tls/rdp");
 		return 0;
 	}
 	freeThumbprints(table);