Use the stronger certificate fingerprint.

If a cert has a SHA256 use that one and only use SHA1 as fallback.

Closes: https://github.com/profanity-im/profanity/issues/2068
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
This commit is contained in:
Steffen Jaeckel
2025-11-04 17:46:48 +01:00
parent 0acea8d0d2
commit a07cff8a99
6 changed files with 31 additions and 22 deletions

View File

@@ -292,11 +292,11 @@ cmd_tls_trust(ProfWin* window, const char* const command, gchar** args)
}
cafile_add(cert);
if (tlscerts_exists(cert)) {
cons_show("Certificate %s already trusted.", cert->fingerprint_sha1);
cons_show("Certificate %s already trusted.", cert->fingerprint);
tlscerts_free(cert);
return TRUE;
}
cons_show("Adding %s to trusted certificates.", cert->fingerprint_sha1);
cons_show("Adding %s to trusted certificates.", cert->fingerprint);
tlscerts_add(cert);
tlscerts_free(cert);
return TRUE;