From 239e09805d35079a7876ea6cbed4be70600a17d8 Mon Sep 17 00:00:00 2001 From: klve bunc ntnn Date: Mon, 22 Nov 2021 23:02:59 +0200 Subject: [PATCH] Added NoTrustStore for cert verification --- src/bin/poptea-cli.rs | 19 ++++++++++++------- src/infra/fs.rs | 13 ++++++++----- src/infra/mod.rs | 2 +- src/infra/tls.rs | 9 +++++++++ src/lib.rs | 2 +- 5 files changed, 31 insertions(+), 14 deletions(-) diff --git a/src/bin/poptea-cli.rs b/src/bin/poptea-cli.rs index 67722c0..b816908 100644 --- a/src/bin/poptea-cli.rs +++ b/src/bin/poptea-cli.rs @@ -7,18 +7,23 @@ use std::{ fn main() { let url = std::env::args().nth(1).expect("please provide gemini url"); - let fs = Arc::new(Mutex::new(poptea::FileSystem::new(".poptea".into()).expect("failed to init file storage"))); + /* To use file as a trust store uncomment the code bellow */ + // let fs = Arc::new(Mutex::new( + // poptea::FileSystem::new(".poptea".into()).expect("failed to init file storage"), + // )); - let client = poptea::TlsClient::new(fs.clone()); + let no_ts = poptea::NoTrustStore::default(); + let ts = Arc::new(Mutex::new(no_ts)); + + let client = poptea::TlsClient::new(ts.clone()); let res = client.get(&url).expect("failed to make a request"); io::stdout() .write_all(&res.body.unwrap_or_else(|| b"response has no body".to_vec())) .expect("failed to write to stdout"); - fs - .lock() - .expect("filesystem mutex deadlock") - .flush_trust_store() - .expect("failed to persist known hosts"); + // fs.lock() + // .expect("filesystem mutex deadlock") + // .flush_trust_store() + // .expect("failed to persist known hosts"); } diff --git a/src/infra/fs.rs b/src/infra/fs.rs index dc7056f..f1f3b76 100644 --- a/src/infra/fs.rs +++ b/src/infra/fs.rs 
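Review bot: With this change `main` in src/bin/poptea-cli.rs builds its `TlsClient` on `NoTrustStore`, so the shipped CLI accepts whatever certificate a server presents and never records or compares a fingerprint; the `known_hosts` path is reachable only by editing the source. Anyone positioned on the network path can then impersonate the requested host without the user seeing any difference. Keep `poptea::FileSystem::new(".poptea".into())` as the default store and make the no-verification store an explicit opt-in (a command-line flag or a cargo feature) instead of leaving the pinned path commented out. If the opt-in path stays, announce it on stderr, e.g. `eprintln!("warning: certificate fingerprints are not being verified");`.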
@@ -1,9 +1,9 @@ +use crate::{PopError, PopResult, TrustStore, VerifyStatus}; use std::collections::HashMap; -use std::fs::{create_dir, OpenOptions}; +use std::fs::OpenOptions; use std::io::prelude::*; use std::io::LineWriter; use std::io::{self, BufRead}; -use crate::{PopError, PopResult, TrustStore, VerifyStatus}; pub struct FileSystem { trust_store: HashMap, @@ -21,7 +21,7 @@ impl FileSystem { }) } - fn load_trust_store(pop_dir: &str, store: &mut HashMap) -> PopResult<()>{ + fn load_trust_store(pop_dir: &str, store: &mut HashMap) -> PopResult<()> { let trust_path = format!("{}/known_hosts", pop_dir); let file = OpenOptions::new() .write(true) @@ -31,7 +31,9 @@ impl FileSystem { for line in io::BufReader::new(file).lines() { if let Ok(kh) = line { - let (host, fingerprint) = kh.split_once(" ").ok_or_else(|| PopError::Local("failed parse fingerprint line".into()))?; + let (host, fingerprint) = kh + .split_once(" ") + .ok_or_else(|| PopError::Local("failed parse fingerprint line".into()))?; store.insert(host.to_string(), fingerprint.to_string()); } @@ -50,7 +52,8 @@ impl FileSystem { let mut file = LineWriter::new(file); for (h, f) in &self.trust_store { - file.write_all(format!("{} {}\n", h, f).as_bytes()).map_err(|e| PopError::Local(e.to_string()))?; + file.write_all(format!("{} {}\n", h, f).as_bytes()) + .map_err(|e| PopError::Local(e.to_string()))?; } file.flush().map_err(|e| PopError::Local(e.to_string()))?; diff --git a/src/infra/mod.rs b/src/infra/mod.rs index 1ab5a22..a4debff 100644 --- a/src/infra/mod.rs +++ b/src/infra/mod.rs @@ -2,4 +2,4 @@ mod fs; mod tls; pub use fs::FileSystem; -pub use tls::TlsClient; +pub use tls::{NoTrustStore, TlsClient}; diff --git a/src/infra/tls.rs b/src/infra/tls.rs index 944b14d..24e298d 100644 --- a/src/infra/tls.rs +++ b/src/infra/tls.rs 
@@ -135,3 +135,12 @@ impl GeminiClient for TlsClient { }) } } + +#[derive(Default)] +pub struct NoTrustStore {} + +impl TrustStore for NoTrustStore { + fn verify(&mut self, _addr: &str, _fingerprint: String) -> PopResult { + Ok(VerifyStatus::Trusted) + } +} diff --git a/src/lib.rs b/src/lib.rs index 11d19c0..84d2b0b 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -2,7 +2,7 @@ use std::fmt; use std::str::FromStr; mod infra; -pub use infra::{FileSystem, TlsClient}; +pub use infra::*; #[derive(Debug)] pub enum GemStatus { -- 2.38.5
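Review bot: `NoTrustStore::verify` in src/infra/tls.rs ignores `_addr` and `_fingerprint` and returns `Ok(VerifyStatus::Trusted)` for every call, yet the type is exported with no doc comment and a name that does not say the peer goes unauthenticated. Add `/// Trust store that accepts every certificate fingerprint without checking it; connections made with it are not authenticated.` above the struct. Consider a name that states the risk, and gate the type behind `#[cfg(test)]` or an opt-in feature if it exists only for development. `pub struct NoTrustStore;` would also be the usual spelling for a field-less type.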
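Review bot: `pub use infra::*;` in src/lib.rs turns every item `infra` makes public into crate API, so the accept-everything `NoTrustStore` is exported to library users as a side effect of the glob rather than by an explicit decision. An explicit list keeps the public surface reviewable: `pub use infra::{FileSystem, NoTrustStore, TlsClient};`, or leave `NoTrustStore` out if it is meant to stay internal.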