Allow self-signed certificates for gemini

Mike Cifelli 2024-05-04 15:06:40 -04:00
parent 53bfdbd75d
commit fe2000600a
Signed by: mike
GPG Key ID: 6B08C6BE47D08E4C
8 changed files with 37 additions and 5 deletions


@ -5,6 +5,7 @@ defmodule Chronoscope.Gemini.Client do
alias Chronoscope.Gemini.ConnectionClient
@interval_in_seconds 30
@date_time Application.compile_env(:chronoscope, :date_time, DateTime)
def start_link(resource: resource, name: name) do


@ -6,6 +6,7 @@ defmodule Chronoscope.Gemini.ConnectionClient do
alias Chronoscope.Gemini.Response
@timeout_in_milliseconds 3000
@ssl Application.compile_env(:chronoscope, :ssl, :ssl)
def connect(%{host: host, port: port, path: _} = resource) do
@ -25,9 +26,24 @@ defmodule Chronoscope.Gemini.ConnectionClient do
|> @ssl.connect(port, tls_options(host), @timeout_in_milliseconds)
end
defp tls_options(_host) do
# TODO
[]
defp tls_options(host) do
host
|> :tls_certificate_check.options()
|> Keyword.put(:verify_fun, {verify_fun(host), nil})
end
defp verify_fun(hostname) do
hostname_charlist = String.to_charlist(hostname)
fn
certificate, {:bad_cert, :selfsigned_peer}, _state ->
:ssl_verify_hostname.verify_fun(certificate, :valid_peer, check_hostname: hostname_charlist)
{:valid, :selfsigned_peer}
certificate, event, _state ->
IO.inspect(event)
:ssl_verify_hostname.verify_fun(certificate, event, check_hostname: hostname_charlist)
end
end
defp make_request(socket, url) do
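Review bot: In the `{:bad_cert, :selfsigned_peer}` clause of `verify_fun/1` the result of `:ssl_verify_hostname.verify_fun/3` is discarded and the clause always returns `{:valid, :selfsigned_peer}`, so a hostname mismatch found by that call cannot reject the certificate. Unless a later `:valid_peer` event still reaches the second clause (not visible from this hunk), a self-signed certificate issued for any name is accepted for `host`. Let the check decide the outcome: `with {:valid, _} <- :ssl_verify_hostname.verify_fun(certificate, :valid_peer, check_hostname: hostname_charlist), do: {:valid, :selfsigned_peer}`. Accepting self-signed peers without remembering the certificate seen on first contact also means a later certificate swap goes unnoticed, which deserves a comment on `tls_options/1`. The `IO.inspect(event)` in the catch-all clause looks like leftover debugging that prints every verification event to stdout, so drop it or route it through `Logger.debug/1`.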


@ -2,6 +2,7 @@ defmodule Chronoscope.NTS.Behaviour do
@callback(key_establishment(host :: String.t(), port :: integer()) :: {:ok, Map.t()}, {:error, any()})
end
# TODO - create macro
defmodule Chronoscope.NTS do
@behaviour Chronoscope.NTS.Behaviour


@ -5,6 +5,7 @@ defmodule Chronoscope.NTS.Client do
alias Chronoscope.NTS.KeyEstablishmentClient
@interval_in_seconds 30
@date_time Application.compile_env(:chronoscope, :date_time, DateTime)
def start_link(server: server, name: name) do


@ -6,6 +6,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentClient do
alias Chronoscope.NTS.KeyEstablishmentResponse
@timeout_in_milliseconds 3000
@ssl Application.compile_env(:chronoscope, :ssl, :ssl)
def key_establishment(%{host: host, port: port}) do
@ -35,6 +36,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentClient do
:ok = @ssl.send(socket, KeyEstablishmentRequest.create())
{:ok, peercert} = @ssl.peercert(socket)
# TODO - refactor?
receive do
{:ssl, _socket, response} ->
@ssl.close(socket)


@ -8,6 +8,7 @@ defmodule ChronoscopeWeb.API.V1.Gemini.ConnectionController do
@default_port 1965
@default_path "/"
@max_host_length 255
@gemini Application.compile_env(:chronoscope, :gemini, Gemini)
def get(conn, %{"host" => host, "port" => port, "path" => path}) do
@ -23,7 +24,11 @@ defmodule ChronoscopeWeb.API.V1.Gemini.ConnectionController do
end
def get(conn, %{"host" => host, "port" => port}) do
handle_get(conn, %{host: host, port: port, path: @default_path})
try do
handle_get(conn, %{host: host, port: String.to_integer(port), path: @default_path})
rescue
ArgumentError -> bad_request_response(conn, "invalid port")
end
end
def get(conn, %{"host" => host}) do
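Review bot: The `try`/`rescue` in the host-and-port `get/2` clause wraps the whole `handle_get/2` call, so any `ArgumentError` raised further down the request path is reported to the client as "invalid port". `String.to_integer/1` also accepts values such as `-1` or `70000`, which are not usable ports and are then passed on towards the TLS connect. Parsing and range-checking the port before calling `handle_get/2` removes the broad rescue and rejects bad input at the edge. The clause that also takes a path starts outside this hunk; if it receives the port as a string it needs the same conversion.

```elixir
def get(conn, %{"host" => host, "port" => port}) do
  with true <- is_binary(port),
       {port_number, ""} when port_number in 1..65_535 <- Integer.parse(port) do
    handle_get(conn, %{host: host, port: port_number, path: @default_path})
  else
    _ -> bad_request_response(conn, "invalid port")
  end
end
```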


@ -1,9 +1,14 @@
defmodule ChronoscopeWeb.API.V1.HealthController do
use ChronoscopeWeb, :controller
alias Chronoscope.Gemini
alias Chronoscope.NTS
def get(conn, _params) do
json(conn, %{healthy: NTS.healthy?()})
json(conn, %{healthy: healthy?()})
end
defp healthy?() do
NTS.healthy?() && Gemini.healthy?()
end
end


@ -7,6 +7,7 @@ defmodule ChronoscopeWeb.API.V1.NTS.KeyEstablishmentController do
@default_port 4460
@max_host_length 255
@nts Application.compile_env(:chronoscope, :nts, NTS)
def get(conn, %{"host" => host, "port" => port}) do