commit 0719a64b8ee4c8cfac1aaf133ca8c73c56719777
Author: Julien Blanchard <julien@sideburns.eu>
Date: Mon Apr 20 09:41:40 2020 +0200
Read client certificates
diff --git a/Cargo.lock b/Cargo.lock
index 79e60df..4d89443 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -149,6 +149,7 @@ dependencies = [
"lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
"native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
"open 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "openssl 0.10.26 (registry+https://github.com/rust-lang/crates.io-index)",
"pango 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
"percent-encoding 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
"regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index 411c2f6..3262b65 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -16,6 +16,7 @@ pango = "*"
open = "*"
regex = "*"
native-tls = "*"
+openssl = "*"
url = "*"
tempfile = "*"
dirs = "*"
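Review bot: `openssl = "*"` puts no version bound on a crate that now parses the user's private key, so a lockfile refresh can move it to any future major release. Cargo.lock in this commit resolves it to 0.10.26; writing the manifest line as `openssl = "0.10"` keeps updates within the API the new certificate module was written against. The neighbouring entries use the same wildcard and would benefit from the same bound.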
diff --git a/src/gemini/certificate.rs b/src/gemini/certificate.rs
new file mode 100644
index 0000000..ce06257
--- /dev/null
+++ b/src/gemini/certificate.rs
@@ -0,0 +1,30 @@
+extern crate dirs;
+use std::fs;
+use openssl::pkcs12::Pkcs12;
+
+pub fn get_certificate(host: &str) -> Option<Pkcs12> {
+ let mut key_path = dirs::home_dir().unwrap();
+ let mut cert_path = dirs::home_dir().unwrap();
+ let key_name = format!("{}.key", host);
+ let cert_name = format!("{}.crt", host);
+
+ key_path.push(key_name);
+ cert_path.push(cert_name);
+
+ let key = match fs::read(key_path.to_str().unwrap()) {
+ Ok(file) => file,
+ Err(_) => return None
+ };
+
+ let cert = match fs::read(cert_path.to_str().unwrap()) {
+ Ok(file) => file,
+ Err(_) => return None
+ };
+
+ let rsa_key = openssl::rsa::Rsa::private_key_from_pem(&key).expect("Invalid RSA key");
+ let pkey = openssl::pkey::PKey::from_rsa(rsa_key).expect("Invalid PKey");
+ let cert = openssl::x509::X509::from_pem(&cert).expect("Invalid certificate");
+
+ let pkcs_cert = Pkcs12::builder().build("", "", &pkey, &cert).expect("Can't build PKCS12");
+ Some(pkcs_cert)
+}
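Review bot: get_certificate returns `Option<Pkcs12>`, but only a missing file produces `None`; a missing home directory, a non-UTF-8 path, or a malformed or non-RSA key or certificate reaches `unwrap()`/`expect()` and aborts the whole client. The failure paths should fold into the `Option` as sketched below, ideally with a log line so a broken file is not silently ignored. Separately, `host` is used unchecked as a file name and `PathBuf::push` replaces the path when handed an absolute component; whether `host` can carry separators depends on the caller, which this hunk does not show, so rejecting a host containing `/`, `\` or `..` before building the paths is a cheap guard. The function also lacks a doc comment stating where the key and certificate are expected (`~/<host>.key`, `~/<host>.crt`) and that the key file should be readable by the owner only.

```rust
pub fn get_certificate(host: &str) -> Option<Pkcs12> {
    let home = dirs::home_dir()?;
    // … unchanged: key_name / cert_name derived from host …
    let key = fs::read(home.join(key_name)).ok()?;
    let cert = fs::read(home.join(cert_name)).ok()?;

    let rsa_key = openssl::rsa::Rsa::private_key_from_pem(&key).ok()?;
    let pkey = openssl::pkey::PKey::from_rsa(rsa_key).ok()?;
    let cert = openssl::x509::X509::from_pem(&cert).ok()?;

    Pkcs12::builder().build("", "", &pkey, &cert).ok()
}
```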
diff --git a/src/gemini/client.rs b/src/gemini/client.rs
index 0658ff0..42501c4 100644
--- a/src/gemini/client.rs
+++ b/src/gemini/client.rs
@@ -13,6 +13,16 @@ pub fn get_data<T: Protocol>(url: T) -> Result<(Option<Vec<u8>>, Vec<u8>), Strin
let mut builder = TlsConnector::builder();
builder.danger_accept_invalid_hostnames(true);
builder.danger_accept_invalid_certs(true);
+
+ match crate::gemini::certificate::get_certificate(host) {
+ Some(cert) => {
+ let der = cert.to_der().unwrap();
+ let identity = native_tls::Identity::from_pkcs12(&der, "").unwrap();
+ builder.identity(identity);
+ },
+ None => ()
+ };
+
let connector = builder.build().unwrap();
match urlf.to_socket_addrs() {
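Review bot: The client identity is attached to a connector whose context lines disable both hostname and certificate checks, so the certificate is presented to whichever peer answers for `host`. Unless a trust-on-first-use pin is enforced elsewhere in get_data (not visible in this hunk), the identity should be gated on a pinned server fingerprint, or the limitation recorded with a comment such as `// server certificate is not verified; the identity is offered to any peer`. The two new `unwrap()` calls on `to_der()` and `Identity::from_pkcs12` also turn a bad certificate file into a panic, although get_data appears to return `Result<_, String>`; `.map_err(|e| e.to_string())?` would fit that signature. get_data starts before and continues after this hunk.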
diff --git a/src/gemini/mod.rs b/src/gemini/mod.rs
index b6c0233..927a04b 100644
--- a/src/gemini/mod.rs
+++ b/src/gemini/mod.rs
@@ -1,3 +1,4 @@
+pub mod certificate;
pub mod client;
pub mod link;
pub mod parser;
diff --git a/src/main.rs b/src/main.rs
index 456da9c..33c81b6 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -180,6 +180,7 @@ fn visit_url<T: AbsoluteUrl + Protocol>(gui: &Arc<Gui>, url: T) {
Ok(absolute_url) => match gemini::client::get_data(url) {
Ok((meta, new_content)) => {
let meta_str = String::from_utf8_lossy(&meta.unwrap()).to_string();
+ println!("{:?}", meta_str);
if let Ok(status) = Status::from_str(&meta_str) {
match status {
Status::Success(meta) => {
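Review bot: `println!("{:?}", meta_str);` looks like leftover debugging; it writes every server-supplied meta line to stdout on each page visit. If the output is wanted, it should go through a debug-only path, for example `if cfg!(debug_assertions) { eprintln!("meta: {:?}", meta_str); }`. Keep the `{:?}` formatting either way, since it escapes control characters in the server-controlled string. visit_url starts before and continues after this hunk.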