-
-
Notifications
You must be signed in to change notification settings - Fork 240
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A simple fix for I2P and Lokinet. #1445
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a way to request the domain's suffix e.g. domain.get_suffix()
and check it if it is in an array/list of suffixes instead? This would simplify the code a bit. Then other proxified suffixes can be easily added to the array/list.
I know nothing about Vala, I just treated Vala as C when I was writing that code and was afraid of breaking anything. Maybe some others could get it into an array instead. |
Would be great to add snode aswell if that's possible |
@@ -382,9 +382,11 @@ public class ConnectionManager : Object { | |||
} | |||
|
|||
public static bool on_invalid_certificate(string domain, TlsCertificate peer_cert, TlsCertificateFlags errors) { | |||
if (domain.has_suffix(".onion") && errors == TlsCertificateFlags.UNKNOWN_CA) { | |||
if ((domain.has_suffix(".onion") || domain.has_suffix(".i2p") || domain.has_suffix(".loki")) && errors == TlsCertificateFlags.UNKNOWN_CA) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as @Quix0r pointed, you could do something like
string[] domain_exceptions = {".onion", ".i2p", ".loki", ".etc"};
foreach (string domain_exception in domain_exceptions) {
if ( domain.has_suffix(domain_exception) && errors == TlsCertificateFlags.UNKNOWN_CA) {
//do stuff
return true;
}
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll do that shortly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@PoneyClairDeLune Nice, and I wanted to add too that the domain_exceptions
variable should have a more apt name like tld_exceptions
, I think it's more readable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eerielili Done in e4da09f
PS: Not sure if I should have that string array placed outside of that validation function though... I know nothing about Vala.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@PoneyClairDeLune Nice. Yeah, you should place inside the function, it looks cleaner and it'll work the same since they'll be in the same scope.
I'm not too big on OOP but I suggest declaring it as a private const string[]
at the top of the class if needed in other functions, then you could call it with this.tld_exceptions
.
@XutaxKamay What's an "snode"? Edit: Is it something related to the "Snet" in Cuba? |
https://git.lokinet.io/lokinet/lokinet/src/branch/dev/docs/dns-overview.md |
A simple fix for I2P and Lokinet.
The job of maintaining TLDs for mixnet TLDs can become overwhelming, just saying. Better to just offer a togglable option to allow untrusted certificates.