unsafely disable TLS cert validation for now

2020-07-25 14:16:31 -04:00 · 2020-07-25 14:16:31 -04:00 · 02558b4dff
parent d96a7a85bf
commit 02558b4dff
3 changed files with 40 additions and 27 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -10,7 +10,7 @@ edition = "2018"
 num = "0.2"
 num-derive = "0.3"
 num-traits = "0.2"
-rustls = { version = "0.18", optional = true }
+rustls = { version = "0.18", optional = true, features = ["dangerous_configuration"] }
 webpki = { version = "0.21.0", optional = true }
 webpki-roots = { version = "0.20", optional = true }
 log = "0.4"
--- a/majc/src/main.rs
+++ b/majc/src/main.rs
@ -1,7 +1,7 @@
 use cursive::{
    event::Key,
    menu::MenuTree,
-    theme::{BaseColor, Color, Effect, Style},
+    theme::{Effect, Style},
    traits::*,
    utils::markup::StyledString,
    views::{Dialog, EditView, Panel, ResizedView, TextView},
@ -53,7 +53,9 @@ fn help(siv: &mut Cursive) {
    let content = include_str!("./help.gmi");

    siv.add_layer(
-        Dialog::around(Panel::new(TextView::new(render_gemini(content)).scrollable()))
+        Dialog::around(Panel::new(
+            TextView::new(render_gemini(content)).scrollable(),
+        ))
        .title("Help")
        .dismiss_button("Ok"),
    );
@ -99,11 +101,15 @@ fn show(siv: &mut Cursive, url: &str, resp: Response) {
    use StatusCode::*;

    match resp.status {
-        Success => {
-            match str::from_utf8(&resp.body) {
+        Success => match str::from_utf8(&resp.body) {
            Ok(content) => {
+                let content: StyledString = if resp.meta.starts_with("text/gemini") {
+                    render_gemini(content)
+                } else {
+                    StyledString::plain(content)
+                };
                siv.add_fullscreen_layer(ResizedView::with_full_screen(
-                        Dialog::around(TextView::new(render_gemini(content)).scrollable())
+                    Dialog::around(TextView::new(content).scrollable())
                        .title(format!("{}: {}", url, resp.meta)),
                ));
            }
@ -113,8 +119,7 @@ fn show(siv: &mut Cursive, url: &str, resp: Response) {
                    url, why
                )));
            }
-            }
-        }
+        },

        TemporaryRedirect => {
            open(siv, resp.meta.as_str());
@ -141,10 +146,7 @@ fn render_gemini(body: &str) -> StyledString {
        match node {
            Text(line) => styled.append(StyledString::plain(line)),
            Link { to, name } => match name {
-                None => styled.append(StyledString::styled(
-                    to,
-                    Style::from(Effect::Underline),
-                )),
+                None => styled.append(StyledString::styled(to, Style::from(Effect::Underline))),
                Some(name) => styled.append(StyledString::styled(
                    format!("{}: {}", to, name),
                    Style::from(Effect::Underline),
--- a/src/client.rs
+++ b/src/client.rs
@ -5,10 +5,21 @@ use url::Url;

 fn config() -> ClientConfig {
    let mut config = ClientConfig::new();
+    config.dangerous().set_certificate_verifier(Arc::new(NoCertificateVerification{}));
+
    config
-        .root_store
-        .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
-    config
+}
+
+struct NoCertificateVerification {}
+
+impl rustls::ServerCertVerifier for NoCertificateVerification {
+    fn verify_server_cert(&self,
+                          _roots: &rustls::RootCertStore,
+                          _presented_certs: &[rustls::Certificate],
+                          _dns_name: webpki::DNSNameRef<'_>,
+                          _ocsp: &[u8]) -> Result<rustls::ServerCertVerified, rustls::TLSError> {
+        Ok(rustls::ServerCertVerified::assertion())
+    }
 }

 #[derive(thiserror::Error, Debug)]