[Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint

emacs-diffs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint

From:	Lars Ingebrigtsen
Subject:	[Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint
Date:	Wed, 19 Nov 2014 14:16:07 +0000

branch: nsm
commit 703336f68cacf8290d300546d29f8191d8b07a7d
Author: Lars Magne Ingebrigtsen <address@hidden>
Date:   Wed Nov 19 15:15:59 2014 +0100

    NSM: Use the public key hash as the fingerprint
    
    * net/nsm.el (nsm-fingerprint): New function.
    (nsm-fingerprint-ok-p): Use the public key hash as the fingerprint
    instead of the certificate fingerprint.
---
 lisp/ChangeLog  |    6 ++++++
 lisp/net/nsm.el |   16 +++++++++-------
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 5e761f6..0c0e81d 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,9 @@
+2014-11-19  Lars Magne Ingebrigtsen  <address@hidden>
+
+       * net/nsm.el (nsm-fingerprint): New function.
+       (nsm-fingerprint-ok-p): Use the public key hash as the fingerprint
+       instead of the certificate fingerprint.
+
 2014-11-18  Lars Magne Ingebrigtsen  <address@hidden>
 
        * net/nsm.el (nsm-query): If running non-interactively, then say
diff --git a/lisp/net/nsm.el b/lisp/net/nsm.el
index 4086f3f..9e18d65 100644
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -148,17 +148,20 @@ unencrypted."
              nil)
          process))))))
 
+(defun nsm-fingerprint (status)
+  (plist-get (plist-get status :certificate) :public-key-id))
+
 (defun nsm-fingerprint-ok-p (host port status settings)
   (if (and settings
           (not (eq (plist-get settings :fingerprint) :none))
-          (not (equal (plist-get status :fingerprint)
+          (not (equal (nsm-fingerprint status)
                       (plist-get settings :fingerprint)))
           (not (nsm-query
                 host port status 'fingerprint
                 "The fingerprint for the connection to %s:%s has changed 
from\n%s to\n%s"
                 host port
                 (plist-get settings :fingerprint)
-                (plist-get status :fingerprint))))
+                (nsm-fingerprint status))))
       ;; Not OK.
       nil
     t))
@@ -168,7 +171,7 @@ unencrypted."
    host port nil 'fingerprint
    "The fingerprint for the connection to %s:%s is new:\n%s"
    host port
-   (plist-get status :fingerprint)))
+   (nsm-fingerprint status)))
 
 (defun nsm-check-plain-connection (process host port settings warn-unencrypted)
   ;; If this connection used to be TLS, but is now plain, then it's
@@ -245,10 +248,9 @@ unencrypted."
   (let* ((id (nsm-id host port))
         (saved
          (list :id id
-               :fingerprint (if status
-                                (plist-get status :fingerprint)
-                              ;; Plain connection.
-                              :none))))
+               :fingerprint (or (nsm-fingerprint status)
+                                ;; Plain connection.
+                                :none))))
     (when (or (eq what 'conditions)
              nsm-save-host-names)
       (nconc saved (list :host (format "%s:%s" host port))))

[Prev in Thread]

Current Thread

[Next in Thread]

[Emacs-diffs] nsm updated (8c9ee5e -> 703336f), Lars Ingebrigtsen, 2014/11/19
- [Emacs-diffs] nsm 02/02: NSM: Use the public key hash as the fingerprint, Lars Ingebrigtsen <=
- [Emacs-diffs] nsm 01/02: (gnutls_certificate_details): Return the public key fingerprint, Lars Ingebrigtsen, 2014/11/19

Prev by Date: [Emacs-diffs] nsm updated (8c9ee5e -> 703336f)
Next by Date: [Emacs-diffs] nsm 01/02: (gnutls_certificate_details): Return the public key fingerprint
Previous by thread: [Emacs-diffs] nsm updated (8c9ee5e -> 703336f)
Next by thread: [Emacs-diffs] nsm 01/02: (gnutls_certificate_details): Return the public key fingerprint
Index(es):
- Date
- Thread