Emi/kochab
Emi
/
kochab
1
1
Fork 0
Code Issues Pull Requests Releases Activity

Merge pull request #32 from Alch-Emi/fix-kristall 

Include a workaround for a bug with rustls & webpki
This commit is contained in:
panicbit 2020-11-22 10:18:15 +01:00 committed by GitHub
parent 0ca71e46c9 4d0b0521d6
commit 6930a06ece
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/lib.rs
View File

@ -17,6 +17,7 @@ use tokio::{
}; };
use tokio::net::TcpListener; use tokio::net::TcpListener;
use rustls::ClientCertVerifier; use rustls::ClientCertVerifier;
use rustls::internal::msgs::handshake::DigitallySignedStruct;
use tokio_rustls::{rustls, TlsAcceptor}; use tokio_rustls::{rustls, TlsAcceptor};
use rustls::*; use rustls::*;
use anyhow::*; use anyhow::*;
@ -434,6 +435,8 @@ impl ClientCertVerifier for AllowAnonOrSelfsignedClient {
Some(false) Some(false)
} }
// the below methods are a hack until webpki doesn't break with certain certs
fn verify_client_cert( fn verify_client_cert(
&self, &self,
_: &[Certificate], _: &[Certificate],
@ -441,6 +444,24 @@ impl ClientCertVerifier for AllowAnonOrSelfsignedClient {
) -> Result<ClientCertVerified, TLSError> { ) -> Result<ClientCertVerified, TLSError> {
Ok(ClientCertVerified::assertion()) Ok(ClientCertVerified::assertion())
} }
fn verify_tls12_signature(
&self,
_message: &[u8],
_cert: &Certificate,
_dss: &DigitallySignedStruct,
) -> Result<HandshakeSignatureValid, TLSError> {
Ok(HandshakeSignatureValid::assertion())
}
fn verify_tls13_signature(
&self,
_message: &[u8],
_cert: &Certificate,
_dss: &DigitallySignedStruct,
) -> Result<HandshakeSignatureValid, TLSError> {
Ok(HandshakeSignatureValid::assertion())
}
} }
#[cfg(test)] #[cfg(test)]