diff options
| author | Jaakko Keränen <jaakko.keranen@iki.fi> | 2021-07-16 15:45:08 +0300 |
|---|---|---|
| committer | Jaakko Keränen <jaakko.keranen@iki.fi> | 2021-07-16 15:45:08 +0300 |
| commit | 393f6b682c1f67d8fb3f468a60e361d6f4e1b348 (patch) | |
| tree | 479b724011f06b8156eab8cdbf63cdc1c36cd8b2 /src/gmutil.h | |
| parent | d16ec2473b826790238b0f0404f037c3155fe19a (diff) | |
Improved TOFU implementation
If a server sends a different certificate (checked by matching public key fingerprints), abort the connection at the TLS handshake stage.
A new error page is shown explaining the situation. A button is provided for conveniently opening Page Information, where trust can be updated.
The file format of "visited.txt" was updated, so it is now called "visited.2.txt". The new format includes server port numbers, and the fingerprints are calculated based on public keys.
IssueID #308
IssueID #309
IssueID #310
Diffstat (limited to 'src/gmutil.h')
| -rw-r--r-- | src/gmutil.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/gmutil.h b/src/gmutil.h index 40fa1cf9..1bf41775 100644 --- a/src/gmutil.h +++ b/src/gmutil.h | |||
| @@ -43,6 +43,7 @@ enum iGmStatusCode { | |||
| 43 | unknownStatusCode_GmStatusCode, | 43 | unknownStatusCode_GmStatusCode, |
| 44 | invalidLocalResource_GmStatusCode, | 44 | invalidLocalResource_GmStatusCode, |
| 45 | tlsFailure_GmStatusCode, | 45 | tlsFailure_GmStatusCode, |
| 46 | tlsServerCertificateNotVerified_GmStatusCode, | ||
| 46 | 47 | ||
| 47 | none_GmStatusCode = 0, | 48 | none_GmStatusCode = 0, |
| 48 | /* general status code categories */ | 49 | /* general status code categories */ |