Client cert verifier: return error if name does not match
This commit is contained in:
Nathan Fisher
parent
8cc3c13389
commit
67b7a2d0ea
1 changed files with 9 additions and 1 deletions
|
|
@ -1,6 +1,9 @@
|
||||||
use crate::{fingerprint::GetFingerprint, mailuser::Mailuser};
|
use crate::{fingerprint::GetFingerprint, mailuser::Mailuser};
|
||||||
use rustls::server::{ClientCertVerified, ClientCertVerifier};
|
use rustls::server::{ClientCertVerified, ClientCertVerifier};
|
||||||
use std::{sync::{Arc, Mutex}, io::Read};
|
use std::{
|
||||||
|
io::Read,
|
||||||
|
sync::{Arc, Mutex},
|
||||||
|
};
|
||||||
use x509_parser::prelude::*;
|
use x509_parser::prelude::*;
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
|
|
@ -40,6 +43,11 @@ impl<S: FingerPrintStore> ClientCertVerifier for Verifier<S> {
|
||||||
name_match = name == user.to_string();
|
name_match = name == user.to_string();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
if !name_match {
|
||||||
|
return Err(rustls::Error::InvalidCertificate(
|
||||||
|
rustls::CertificateError::NotValidForName,
|
||||||
|
));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
todo!()
|
todo!()
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue