[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint
From: |
Lars Ingebrigtsen |
Subject: |
[Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint |
Date: |
Wed, 19 Nov 2014 14:16:07 +0000 |
branch: nsm
commit 703336f68cacf8290d300546d29f8191d8b07a7d
Author: Lars Magne Ingebrigtsen <address@hidden>
Date: Wed Nov 19 15:15:59 2014 +0100
NSM: Use the public key hash as the fingerprint
* net/nsm.el (nsm-fingerprint): New function.
(nsm-fingerprint-ok-p): Use the public key hash as the fingerprint
instead of the certificate fingerprint.
---
lisp/ChangeLog | 6 ++++++
lisp/net/nsm.el | 16 +++++++++-------
2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 5e761f6..0c0e81d 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,9 @@
+2014-11-19 Lars Magne Ingebrigtsen <address@hidden>
+
+ * net/nsm.el (nsm-fingerprint): New function.
+ (nsm-fingerprint-ok-p): Use the public key hash as the fingerprint
+ instead of the certificate fingerprint.
+
2014-11-18 Lars Magne Ingebrigtsen <address@hidden>
* net/nsm.el (nsm-query): If running non-interactively, then say
diff --git a/lisp/net/nsm.el b/lisp/net/nsm.el
index 4086f3f..9e18d65 100644
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -148,17 +148,20 @@ unencrypted."
nil)
process))))))
+(defun nsm-fingerprint (status)
+ (plist-get (plist-get status :certificate) :public-key-id))
+
(defun nsm-fingerprint-ok-p (host port status settings)
(if (and settings
(not (eq (plist-get settings :fingerprint) :none))
- (not (equal (plist-get status :fingerprint)
+ (not (equal (nsm-fingerprint status)
(plist-get settings :fingerprint)))
(not (nsm-query
host port status 'fingerprint
"The fingerprint for the connection to %s:%s has changed
from\n%s to\n%s"
host port
(plist-get settings :fingerprint)
- (plist-get status :fingerprint))))
+ (nsm-fingerprint status))))
;; Not OK.
nil
t))
@@ -168,7 +171,7 @@ unencrypted."
host port nil 'fingerprint
"The fingerprint for the connection to %s:%s is new:\n%s"
host port
- (plist-get status :fingerprint)))
+ (nsm-fingerprint status)))
(defun nsm-check-plain-connection (process host port settings warn-unencrypted)
;; If this connection used to be TLS, but is now plain, then it's
@@ -245,10 +248,9 @@ unencrypted."
(let* ((id (nsm-id host port))
(saved
(list :id id
- :fingerprint (if status
- (plist-get status :fingerprint)
- ;; Plain connection.
- :none))))
+ :fingerprint (or (nsm-fingerprint status)
+ ;; Plain connection.
+ :none))))
(when (or (eq what 'conditions)
nsm-save-host-names)
(nconc saved (list :host (format "%s:%s" host port))))