author | jake <jake@jakes-mail.top> | 2022-01-30 22:11:58 -0500 |
---|---|---|
committer | jake <jake@jakes-mail.top> | 2022-01-30 22:11:58 -0500 |
commit | 5b50cb700bf70a79f43f901a3512d7dd9ad05536 (patch) | |
tree | ff0437ad914b4cd9e04c4e125bbb603cb266472e | |
parent | d3331e07e7f2d7a77cb5eabe7af84ec6942a5018 (diff) |
peer_cert() fix when server sends us more than one cert
-rwxr-xr-x | gmi.pl | 17 |
1 files changed, 12 insertions, 5 deletions
@@ -10,7 +10,7 @@ use warnings; use feature qw(refaliasing); no warnings qw(experimental::refaliasing); -our $VERSION = 'v0.0.28'; +our $VERSION = 'v0.0.29'; # TODO: # back() only works once; should fix this @@ -29,6 +29,7 @@ use Smart::Comments; # CPAN use URI::Encode qw(uri_encode); # CPAN use IO::Socket::SSL::Utils; # CPAN use File::Slurper qw(read_dir); # CPAN +use Data::Dumper; # sudo cpanm IO::Socket::SSL URL::XS IO::Pager Text::Wraper Term::ReadKey Path::Naive Text::ParseWords Term::ReadLine Smart::Comments URI::Encode IO::Socket::SSL::Utils File::Slurper @@ -278,12 +279,18 @@ sub url { } sub peer_cert { + ### peer_cert # 1. compare figureprint if possible # 2. is it expired? # 3. if error: ask user for imput my ($cl, $hostname) = @_; - my $peer_cert = CERT_asHash($cl->peer_certificates); - # IO::Socket::SSL::Utils already has done fingerprinting so we do not need to. + ### before CERT_asHash + my @peer_certs = $cl->peer_certificates; + #print $OUT Dumper(\@peer_certs); + # + # if the server sends us more than ONE cert then I am baffled as to why but it happens + my $peer_cert = CERT_asHash($peer_certs[0]); + ### IO Socket SSL Utils already has done fingerprinting so we do not need to. my $peer_fingerprint = $peer_cert->{fingerprint_sha256}; my $peer_not_before = $peer_cert->{not_before}; my $peer_not_after = $peer_cert->{not_after}; @@ -324,11 +331,11 @@ sub peer_cert { } else { # fingerprint NOT same - print $OUT colored("!!! THE HOSTS FINGERPRINT IS NOT THE SAME !!!\n", 'bright_red'); + print $OUT colored("!!! THE HOST'S FINGERPRINT IS NOT THE SAME !!!\n", 'bright_red'); print $OUT "Do you still wish to connect to it? y/N "; chomp(my $yORn = <STDIN>); if (lc $yORn eq 'y') { - print $OUT "Would you like to replace the current fingerprint with this one? y/N "; + print $OUT "Would you like to replace the known_host fingerprint with this one? y/N "; chomp(my $yORn = <STDIN>); if (lc $yORn eq 'y') { $known_hosts{$hostname} = $peer_fingerprint; |
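Review bot: `use Data::Dumper;` is loaded only for the commented-out `#print $OUT Dumper(\@peer_certs);` in the peer_cert hunk, so the import and that line are debugging residue and can both be dropped. Because the file loads Smart::Comments (visible in this hunk's context), the new `### peer_cert` and `### before CERT_asHash` lines are live debug statements rather than comments. The explanatory `# IO::Socket::SSL::Utils already has done fingerprinting` comment was also turned into a `###` line; I would restore it to a single `#` and remove the other two.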
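Review bot: `$peer_certs[0]` is used without checking that `peer_certificates` returned anything, so an empty list passes undef to `CERT_asHash` and the fingerprint and validity checks have no certificate to work on. Add a guard straight after the assignment, for example `die "no certificate received from $hostname\n" unless @peer_certs;`, or use whatever failure path the rest of peer_cert uses, which lies outside this hunk. The "baffled" comment is also worth replacing: as far as I know IO::Socket::SSL returns the peer's own certificate first, followed by the rest of the chain it sent. Something like `# element 0 is the server's own certificate; the rest is the chain it sent` would document why index 0 is the one to pin.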
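Review bot: The reworded replace prompt still asks the user to overwrite the pinned entry without showing either fingerprint anywhere in this hunk. If they are not printed earlier in peer_cert (outside the hunk), print the stored `$known_hosts{$hostname}` and the new `$peer_fingerprint` before the first y/N so the user can verify the change out of band. A short comment above the `else` branch stating that anything other than `y` keeps the existing pin would also make the default-deny behaviour explicit.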