Prepare to use SHA256 fingerprints of certs.

First let's make clear we're currently using SHA1 & untangle the tlscerts
API from fingerprint specific details.

Related-to: https://github.com/profanity-im/profanity/issues/2068
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
This commit is contained in:
Steffen Jaeckel
2025-11-04 17:09:54 +01:00
parent 7f5ae430af
commit 4dcaa839fa
6 changed files with 50 additions and 51 deletions

View File

@@ -291,12 +291,12 @@ cmd_tls_trust(ProfWin* window, const char* const command, gchar** args)
return TRUE;
}
cafile_add(cert);
if (tlscerts_exists(cert->fingerprint)) {
cons_show("Certificate %s already trusted.", cert->fingerprint);
if (tlscerts_exists(cert)) {
cons_show("Certificate %s already trusted.", cert->fingerprint_sha1);
tlscerts_free(cert);
return TRUE;
}
cons_show("Adding %s to trusted certificates.", cert->fingerprint);
cons_show("Adding %s to trusted certificates.", cert->fingerprint_sha1);
tlscerts_add(cert);
tlscerts_free(cert);
return TRUE;