summaryrefslogtreecommitdiffstats
path: root/dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java
diff options
context:
space:
mode:
authorSimon Rettberg2015-09-10 12:06:04 +0200
committerSimon Rettberg2015-09-10 12:06:04 +0200
commita4a47f3a636df76885275136f6c0757207c72763 (patch)
tree75930c80306e48acea8e1978b4eae20daff417a8 /dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java
parent[*] Improve SSL handling (diff)
downloadtutor-module-a4a47f3a636df76885275136f6c0757207c72763.tar.gz
tutor-module-a4a47f3a636df76885275136f6c0757207c72763.tar.xz
tutor-module-a4a47f3a636df76885275136f6c0757207c72763.zip
[client] Remember finger prints supplied by master server
Diffstat (limited to 'dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java')
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java20
1 files changed, 15 insertions, 5 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java
index 35297c9f..99c03373 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/GraphicalCertHandler.java
@@ -54,17 +54,27 @@ public class GraphicalCertHandler {
md.update(encoded);
byte[] actualFingerprint = md.digest();
final String actualFingerprintReadable = new BigInteger(actualFingerprint).toString(16);
- // Now check the fingerprint
- byte[] expectedFingerprint = FingerprintManager.getFingerprint(address);
+ // Now check the finger print
+ byte[] expectedFingerprint = FingerprintManager.getKnownFingerprint(address);
+ if (expectedFingerprint == null) {
+ expectedFingerprint = FingerprintManager.getSuggestedFingerprint(address);
+ }
final String question;
if (expectedFingerprint == null) {
- // First time we connect to this server, so remember the fingerprint
- FingerprintManager.saveFingerprint(address, actualFingerprint);
+ // First time we connect to this server, so remember the finger print
+ FingerprintManager.saveKnownFingerprint(address, actualFingerprint);
return;
} else if (Arrays.equals(actualFingerprint, expectedFingerprint)) {
// Known, matches, everything's fine
return;
} else {
+ byte[] sf = FingerprintManager.getSuggestedFingerprint(address);
+ if (sf != null && Arrays.equals(actualFingerprint, sf)) {
+ // User stored invalid finger print, but master suggests the finger print we found.
+ // It probably changed, the satellite told the master server, but the user doesn't know yet.
+ FingerprintManager.saveKnownFingerprint(address, actualFingerprint);
+ return;
+ }
// Known, mismatch, panic!
question = "!!! ALARM !!!! ALARM !!!\n\n" + "Der Fingerabdruck von " + address
+ " hat sich verändert.\n" + "Erwartet: "
@@ -80,7 +90,7 @@ public class GraphicalCertHandler {
}
});
if (userOk) {
- FingerprintManager.saveFingerprint(address, actualFingerprint);
+ FingerprintManager.saveKnownFingerprint(address, actualFingerprint);
} else {
throw new CertificateException("Rejected by user");
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-06-13 12:56:07 +0200