Compare commits

...

3 commits

3 changed files with 12 additions and 4 deletions

View file

@ -5,9 +5,9 @@ Gemini protocol client and server implementation written in Rust with Tokio.
## TODO ## TODO
- [ ] Write tests for Client - [ ] Write tests for Client
- [ ] Check self-signed cert with DANE before trusting it - [x] Check self-signed cert with DANE before trusting it
- [ ] Clean up `FileBasedCertVerifier` code - [x] Clean up `FileBasedCertVerifier` code
- [ ] Add `SqliteBasedCertVerifier` (?) - [ ] Add `SqliteBasedCertVerifier` (?)
- [ ] Implement automatic redirection following
- [ ] Implement client authorization - [ ] Implement client authorization
- [ ] Separate general I/O error into different error types
- [ ] Implement server - [ ] Implement server

View file

@ -13,8 +13,15 @@ use tokio_rustls::rustls::{
#[derive(Debug)] #[derive(Debug)]
pub struct AllowAllCertVerifier(Arc<CryptoProvider>); pub struct AllowAllCertVerifier(Arc<CryptoProvider>);
impl Default for AllowAllCertVerifier {
/// Same as [`AllowAllCertVerifier::new()`].
fn default() -> Self {
Self::new()
}
}
impl AllowAllCertVerifier { impl AllowAllCertVerifier {
/// Constructor for this verifier /// Constructor for this verifier.
pub fn new() -> Self { pub fn new() -> Self {
AllowAllCertVerifier( AllowAllCertVerifier(
CryptoProvider::get_default() CryptoProvider::get_default()

View file

@ -125,6 +125,7 @@ impl KnownHostsFile {
/// Write a new trusted cert's fingerprint to the known_hosts file. /// Write a new trusted cert's fingerprint to the known_hosts file.
/// - `fp` is a TLS cert hash in base64 (see [`CertFingerprint::base64`]), /// - `fp` is a TLS cert hash in base64 (see [`CertFingerprint::base64`]),
/// - `fptype` is a name of hashing algorithm (see [`CertFingerprint::fingerprint_type_str`]). /// - `fptype` is a name of hashing algorithm (see [`CertFingerprint::fingerprint_type_str`]).
///
/// The certificate will not be trusted in the current session unless you call `add_cert_to_hashmap`, /// The certificate will not be trusted in the current session unless you call `add_cert_to_hashmap`,
/// so use this function only if you need modularity, otherwise just use `add_trusted_cert`. /// so use this function only if you need modularity, otherwise just use `add_trusted_cert`.
pub async fn add_cert_to_file( pub async fn add_cert_to_file(