SHA256
1
0
forked from pool/tigervnc
tigervnc/u_tigervnc-display-SHA-1-fingerprint-of-untrusted-certificate.patch
Michal Srb f3919e3250 Accepting request 316948 from home:michalsrb:branches:X11:XOrg
- Updated to tigervnc 1.5.0.
- Dropped no longer needed patches:
  * tigervnc-sf3495623.patch
  * u_syslog.patch
  * u_tigervnc-build-with-xserver-1.17.patch
- Use encryption everywhere. (fate#318936)
- Work with fltk 1.3.2.
  * N_tigervnc_revert_fltk_1_3_3_requirements.patch

OBS-URL: https://build.opensuse.org/request/show/316948
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=58
2015-07-15 14:13:40 +00:00

49 lines
1.8 KiB
Diff

From af09e89d54b57649cf60363d03f84d129baecd27 Mon Sep 17 00:00:00 2001
From: Michal Srb <michalsrb@gmail.com>
Date: Tue, 7 Jul 2015 02:38:18 +0300
Subject: [PATCH 2/2] Display SHA-1 fingerprint of untrusted certificate in
java client.
---
java/com/tigervnc/rfb/CSecurityTLS.java | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
index 7633f08..6014502 100644
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -248,9 +248,28 @@ public class CSecurityTLS extends CSecurity {
tm.checkServerTrusted(chain, authType);
} catch (CertificateException e) {
Object[] answer = {"Proceed", "Exit"};
+
+ StringBuilder message = new StringBuilder();
+ message.append(e.getCause().getLocalizedMessage());
+ message.append("\nContinue connecting to this host?");
+
+ try {
+ MessageDigest sha1 = MessageDigest.getInstance("SHA1");
+ sha1.update(chain[0].getEncoded());
+
+ message.append("\nSHA-1 fingerprint: ");
+
+ for(byte B : sha1.digest()) {
+ message.append(Integer.toHexString(0xff & B));
+ message.append(':');
+ }
+ message.deleteCharAt(message.length() - 1);
+ } catch (NoSuchAlgorithmException noSuchAlgorithmException) {
+ // No fingerprint then...
+ }
+
int ret = JOptionPane.showOptionDialog(null,
- e.getCause().getLocalizedMessage()+"\n"+
- "Continue connecting to this host?",
+ message.toString(),
"Confirm certificate exception?",
JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE,
null, answer, answer[0]);
--
2.1.4