aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjake <jake@jakes-mail.top>2022-01-30 22:11:58 -0500
committerjake <jake@jakes-mail.top>2022-01-30 22:11:58 -0500
commit5b50cb700bf70a79f43f901a3512d7dd9ad05536 (patch)
treeff0437ad914b4cd9e04c4e125bbb603cb266472e
parentd3331e07e7f2d7a77cb5eabe7af84ec6942a5018 (diff)
peer_cert() fix when server sends us more than one cert
-rwxr-xr-xgmi.pl17
1 files changed, 12 insertions, 5 deletions
diff --git a/gmi.pl b/gmi.pl
index 4f0e8d3..8b7d595 100755
--- a/gmi.pl
+++ b/gmi.pl
@@ -10,7 +10,7 @@ use warnings;
use feature qw(refaliasing);
no warnings qw(experimental::refaliasing);
-our $VERSION = 'v0.0.28';
+our $VERSION = 'v0.0.29';
# TODO:
# back() only works once; should fix this
@@ -29,6 +29,7 @@ use Smart::Comments; # CPAN
use URI::Encode qw(uri_encode); # CPAN
use IO::Socket::SSL::Utils; # CPAN
use File::Slurper qw(read_dir); # CPAN
+use Data::Dumper;
# sudo cpanm IO::Socket::SSL URL::XS IO::Pager Text::Wraper Term::ReadKey Path::Naive Text::ParseWords Term::ReadLine Smart::Comments URI::Encode IO::Socket::SSL::Utils File::Slurper
@@ -278,12 +279,18 @@ sub url {
}
sub peer_cert {
+ ### peer_cert
# 1. compare figureprint if possible
# 2. is it expired?
# 3. if error: ask user for imput
my ($cl, $hostname) = @_;
- my $peer_cert = CERT_asHash($cl->peer_certificates);
- # IO::Socket::SSL::Utils already has done fingerprinting so we do not need to.
+ ### before CERT_asHash
+ my @peer_certs = $cl->peer_certificates;
+ #print $OUT Dumper(\@peer_certs);
+ #
+ # if the server sends us more than ONE cert then I am baffled as to why but it happens
+ my $peer_cert = CERT_asHash($peer_certs[0]);
+ ### IO Socket SSL Utils already has done fingerprinting so we do not need to.
my $peer_fingerprint = $peer_cert->{fingerprint_sha256};
my $peer_not_before = $peer_cert->{not_before};
my $peer_not_after = $peer_cert->{not_after};
@@ -324,11 +331,11 @@ sub peer_cert {
}
else {
# fingerprint NOT same
- print $OUT colored("!!! THE HOSTS FINGERPRINT IS NOT THE SAME !!!\n", 'bright_red');
+ print $OUT colored("!!! THE HOST'S FINGERPRINT IS NOT THE SAME !!!\n", 'bright_red');
print $OUT "Do you still wish to connect to it? y/N ";
chomp(my $yORn = <STDIN>);
if (lc $yORn eq 'y') {
- print $OUT "Would you like to replace the current fingerprint with this one? y/N ";
+ print $OUT "Would you like to replace the known_host fingerprint with this one? y/N ";
chomp(my $yORn = <STDIN>);
if (lc $yORn eq 'y') {
$known_hosts{$hostname} = $peer_fingerprint;