cadey/maj
cadey
/
maj
1
0
Fork 1
Code Issues 4 Pull Requests Releases 7 Wiki Activity

retain client certs in maj::server::Request #7

New Issue
Open
opened 2020-09-25 06:28:30 +00:00 by boringcactus · 4 comments
boringcactus commented 2020-09-25 06:28:30 +00:00
Contributor
Copy Link

i noticed that the certs field is always empty, and it would be neat if that were not the case. (i'll prob work on a pull request for it in a bit.)

i noticed that the certs field is always empty, and it would be neat if that were not the case. (i'll prob work on a pull request for it in a bit.)
boringcactus commented 2020-09-25 06:46:16 +00:00
Author
Contributor
Copy Link

oh god this is blocked on https://github.com/async-rs/async-tls/issues/33

oh god this is blocked on https://github.com/async-rs/async-tls/issues/33
boringcactus commented 2020-09-25 10:23:13 +00:00
Author
Contributor
Copy Link

well i have a change in https://tulpa.dev/boringcactus/maj/src/branch/preserve-client-certs that at least halfway works. the other end is you need a ClientCertVerifier that actually handles Gemini client certs well - I wasn't having any luck with AllowAnyAnonymousOrAuthenticatedClient even though by all rights that should work. i threw together https://git.sr.ht/~boringcactus/gemifedi/tree/main/src/client_cert_fix.rs which technically works but is also an extremely bad idea.

well i have a change in https://tulpa.dev/boringcactus/maj/src/branch/preserve-client-certs that at least halfway works. the other end is you need a `ClientCertVerifier` that actually handles Gemini client certs well - I wasn't having any luck with [`AllowAnyAnonymousOrAuthenticatedClient`](https://docs.rs/rustls/0.18.0/rustls/struct.AllowAnyAnonymousOrAuthenticatedClient.html) even though by all rights that should work. i threw together https://git.sr.ht/~boringcactus/gemifedi/tree/main/src/client_cert_fix.rs which technically works but is also an extremely bad idea.
cadey commented 2020-09-26 13:23:37 +00:00
Owner
Copy Link

I'll take a look, I've been considering ripping out async-std and replacing it with Tokio. I think that its TLS wrapper has client cert support. Thanks!

I'll take a look, I've been considering ripping out async-std and replacing it with Tokio. I think that its TLS wrapper has client cert support. Thanks!
Ghost commented 2020-12-06 18:57:06 +00:00
Copy Link

if y'all find a way to do this without implementing a new ClientCertVerifier, that'd be hella cool. afaik the whole rust-gemini sever ecosystem uses the same hack, or at the very least northstar/kochab and stargazer all do.

if y'all find a way to do this without implementing a new ClientCertVerifier, that'd be hella cool. afaik the whole rust-gemini sever ecosystem uses the same hack, or at the very least [northstar]/[kochab] and [stargazer] all do. [northstar]: https://github.com/panicbit/northstar/blob/eebf7119fbe029d512c29900b9523975eee73160/src/lib.rs#L449 [kochab]: https://gitlab.com/Alch_Emi/kochab/-/blob/05089bfea6cc4aafd3e4d1d3977ae605e5cf0a8b/src/cert.rs#L220 [stargazer]: https://git.sr.ht/~zethra/stargazer/tree/63fb8359c784e86f25822124f763d15d28391c37/src/tls.rs#L44
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
karnycukta
maj-async-std
majc-history
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
magc

an interactive curses client for gemini

  
magd

the daemon that serves static files and lua apps

  
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
magc
magd
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cadey/maj#7
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?