WIP implement tofu

CandyCorvid
Jul 13, 2023, 10:58 AM
W6L422WPVB6BD5L42EBUQX5CS2ZN5KBLIOFPAGUNA37PYPLP2GAAC

Dependencies

  • [2] 3SPNKI46 Improve parsing. Add modules that were missed

Change contents

  • edit in src/danger.rs at line 5
    [2.9993][2.9993:10019]()
    // unconditionally trusts
  • edit in src/danger.rs at line 6
    [2.10038]
    [2.10038]
    /// Unconditionally trusts all certificates
  • replacement in src/danger.rs at line 8
    [2.10056][2.10056:10097]()
    // trust on first use
    pub struct Tofu {}
    [2.10056]
    [2.10097]
  • edit in src/danger.rs at line 22
    [2.10449]
    /// Trust on first use
    pub struct Tofu {
    known_hosts: Vec<TofuHost>,
    }
    pub struct TofuHost {}
    /*
    impl rustls::client::ServerCertVerifier for Tofu {
    fn verify_server_cert(
    &self,
    end_entity: &Certificate,
    _: &[Certificate],
    server_name: &ServerName,
    scts: &mut dyn Iterator<Item = &[u8]>,
    ocsp_response: &[u8],
    now: SystemTime,
    ) -> Result<ServerCertVerified, Error> {
    let host: TofuHost = TofuHost::new();
    if self.knows(host) {
    if self.trusts(host) {
    Ok(())
    } else {
    Err(())
    }
    } else {
    self.remember(host);
    Ok(())
    }
    }
    }
    */