Added /tls cert to show current certificate fingerprint
This commit is contained in:
@@ -206,6 +206,7 @@ static struct cmd_t command_defs[] =
|
||||
"/tls allow",
|
||||
"/tls always",
|
||||
"/tls deny",
|
||||
"/tls cert",
|
||||
"/tls trusted",
|
||||
"/tls revoke <fingerprint>",
|
||||
"/tls certpath",
|
||||
@@ -218,6 +219,7 @@ static struct cmd_t command_defs[] =
|
||||
{ "allow", "Allow connection to continue with an invalid TLS certificate." },
|
||||
{ "always", "Always allow connections with this invalid TLS certificate." },
|
||||
{ "deny", "Terminate TLS connection." },
|
||||
{ "cert", "Show the current TLS certificate." },
|
||||
{ "trusted", "List manually trusted certificates (with /tls always)." },
|
||||
{ "revoke <fingerprint>", "Remove a manually trusted certificate." },
|
||||
{ "certpath", "Show the trusted certificate path." },
|
||||
@@ -2220,6 +2222,7 @@ cmd_init(void)
|
||||
autocomplete_add(tls_ac, "allow");
|
||||
autocomplete_add(tls_ac, "always");
|
||||
autocomplete_add(tls_ac, "deny");
|
||||
autocomplete_add(tls_ac, "cert");
|
||||
autocomplete_add(tls_ac, "trusted");
|
||||
autocomplete_add(tls_ac, "revoke");
|
||||
autocomplete_add(tls_ac, "certpath");
|
||||
|
||||
@@ -159,6 +159,7 @@ gboolean
|
||||
cmd_tls(ProfWin *window, const char *const command, gchar **args)
|
||||
{
|
||||
if (g_strcmp0(args[0], "certpath") == 0) {
|
||||
#ifdef HAVE_LIBMESODE
|
||||
if (g_strcmp0(args[1], "set") == 0) {
|
||||
if (args[2] == NULL) {
|
||||
cons_bad_cmd_usage(command);
|
||||
@@ -189,7 +190,12 @@ cmd_tls(ProfWin *window, const char *const command, gchar **args)
|
||||
cons_bad_cmd_usage(command);
|
||||
return TRUE;
|
||||
}
|
||||
#else
|
||||
cons_show("Certificate path setting only supported when built with libmesode.");
|
||||
return TRUE;
|
||||
#endif
|
||||
} else if (g_strcmp0(args[0], "trusted") == 0) {
|
||||
#ifdef HAVE_LIBMESODE
|
||||
GList *certs = tlscerts_list();
|
||||
GList *curr = certs;
|
||||
|
||||
@@ -224,7 +230,12 @@ cmd_tls(ProfWin *window, const char *const command, gchar **args)
|
||||
}
|
||||
g_list_free_full(certs, (GDestroyNotify)tlscerts_free);
|
||||
return TRUE;
|
||||
#else
|
||||
cons_show("Manual certificate trust only supported when built with libmesode.");
|
||||
return TRUE;
|
||||
#endif
|
||||
} else if (g_strcmp0(args[0], "revoke") == 0) {
|
||||
#ifdef HAVE_LIBMESODE
|
||||
if (args[1] == NULL) {
|
||||
cons_bad_cmd_usage(command);
|
||||
} else {
|
||||
@@ -236,8 +247,34 @@ cmd_tls(ProfWin *window, const char *const command, gchar **args)
|
||||
}
|
||||
}
|
||||
return TRUE;
|
||||
#else
|
||||
cons_show("Manual certificate trust only supported when built with libmesode.");
|
||||
return TRUE;
|
||||
#endif
|
||||
} else if (g_strcmp0(args[0], "show") == 0) {
|
||||
return _cmd_set_boolean_preference(args[1], command, "TLS titlebar indicator", PREF_TLS_SHOW);
|
||||
} else if (g_strcmp0(args[0], "cert") == 0) {
|
||||
#ifdef HAVE_LIBMESODE
|
||||
jabber_conn_status_t conn_status = jabber_get_connection_status();
|
||||
if (conn_status != JABBER_CONNECTED) {
|
||||
cons_show("You are not currently connected.");
|
||||
return TRUE;
|
||||
}
|
||||
if (!jabber_conn_is_secured()) {
|
||||
cons_show("No TLS connection established");
|
||||
return TRUE;
|
||||
}
|
||||
char *cert = jabber_get_tls_peer_cert();
|
||||
if (cert) {
|
||||
cons_show("TLS certificate fingerprint: %s", cert);
|
||||
} else {
|
||||
cons_show("Error getting TLS fingerprint.");
|
||||
}
|
||||
return TRUE;
|
||||
#else
|
||||
cons_show("Certificate fetching not supported.");
|
||||
return TRUE;
|
||||
#endif
|
||||
} else {
|
||||
cons_bad_cmd_usage(command);
|
||||
return TRUE;
|
||||
|
||||
Reference in New Issue
Block a user