With option --tofu, gnutls-cli waits with a yes-no-question upon
certificate changes. I added the option --stricttofu that omits the
question and fails instead.
The contribution is in accordance with the "Developer's Certificate of
Origin" as found in the file doc/DCO.txt.
Best wishes
Jens
Signed-off-by: Jens Lechtenbörger <jens.lechtenboerger@fsfe.org>
doc = "This option will, in addition to certificate authentication, perform authentication based on previously seen public keys, a model similar to SSH authentication.";
};
+flag = {
+ name = strict-tofu;
+ descrip = "Fail to connect if a known certificate has changed";
+ disabled;
+ disable = "no";
+ doc = "This option will perform authentication as with option --tofu; however, while --tofu asks whether to trust a changed certificate, this option will fail in case of certificate changes.";
+};
+
flag = {
name = dane;
descrip = "Enable DANE certificate verification (DNSSEC)";
Notice that the private key only differs from the certificate in the object-type.
_EOF_;
};
-
int rc;
unsigned int status = 0;
int ssh = ENABLED_OPT(TOFU);
+ int strictssh = ENABLED_OPT(STRICT_TOFU);
+ if (strictssh) {
+ ssh = strictssh;
+ }
+
#ifdef HAVE_DANE
int dane = ENABLED_OPT(DANE);
#endif
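Review bot: The assignment `ssh = strictssh;` guarded by `if (strictssh)` copies the enabled-state value of STRICT_TOFU into the TOFU flag, which works only because both are treated as booleans; the intent that --strict-tofu implies --tofu is clearer as a single line, `int ssh = ENABLED_OPT(TOFU) || strictssh; /* --strict-tofu implies --tofu */`, with strictssh declared first. The same implication deserves a one-line comment wherever strictssh is tested, since a reader of the later hunk otherwise has to work out that the unprompted `return -1` is the strict policy rather than a lost prompt. In that later hunk, `} else return -1;` would also read better braced, as the surrounding code is. The enclosing function starts and ends outside this hunk.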
"Its certificate is valid for %s.\n",
hostname);
- rc = read_yesno
- ("Do you trust the received key? (y/N): ");
- if (rc == 0)
- return -1;
+ if (strictssh == 0) {
+ rc = read_yesno
+ ("Do you trust the received key? (y/N): ");
+ if (rc == 0)
+ return -1;
+ } else return -1;
+
} else if (rc < 0) {
fprintf(stderr,
"gnutls_verify_stored_pubkey: %s\n",