/*
-tofuproxy -- HTTP proxy with TLS certificates management
+tofuproxy -- flexible HTTP/WARC proxy with TLS certificates management
Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
This program is free software: you can redistribute it and/or modify
if tlsCert != nil {
return tlsCert, nil
}
+ sigSchemes := make([]string, 0, len(cri.SignatureSchemes))
+ for _, ss := range cri.SignatureSchemes {
+ sigSchemes = append(sigSchemes, ss.String())
+ }
var b bytes.Buffer
b.WriteString(fmt.Sprintf(`
+tk_setPalette grey
wm title . "TLS client authentication: %s"
-label .lVersion -text "Version: %s"
-grib .lVersion
-
set lb [listbox .lb]
.lb insert end ""
+grid .lb
+
+proc login {} {
+ global lb
+ puts [$lb get active]
+ exit
+}
+
+button .login -text "Use" -command login
+grid .login
+
+bind . <KeyPress> {switch -exact %%K {
+ q {exit 0} ; # reject once
+ l login
+}}
+
+label .lTLSVersion -text "TLS version: %s"
+grid .lTLSVersion
+
+set sigSchemeRow 0
+foreach sigScheme {%s} {
+ label .lSignatureScheme$sigSchemeRow -text "Signature scheme: $sigScheme"
+ grid .lSignatureScheme$sigSchemeRow
+ incr sigSchemeRow
+}
+
`,
g.host,
ucspi.TLSVersion(cri.Version),
+ strings.Join(sigSchemes, " "),
))
ents, err := os.ReadDir(CCerts)
})
b.WriteString(fmt.Sprintf(".lb insert end \"%d: %s\"\n", i, cert.Subject))
}
- b.WriteString(`
-grid .lb
-
-proc submit {} {
- global lb
- puts [$lb get active]
- exit
-}
-
-button .submit -text "Use" -command submit
-grid .submit
-`)
+ // ioutil.WriteFile("/tmp/tls-auth-dialog.tcl", b.Bytes(), 0666)
cmd := exec.Command(CmdWish)
cmd.Stdin = &b
out, err := cmd.Output()