X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=tlsauth.go;h=b980e08122f17f12ea97c43bb81a13e255756bea;hb=b4e23c13d7b2ea73f8b1167c044a521d540120ad;hp=0965335a3ffb3ad3a3a07ee41f76d7fcbe826836;hpb=2df541457d24653f0fb789bfdc8de828c03f4f6c;p=tofuproxy.git

diff --git a/tlsauth.go b/tlsauth.go
index 0965335..b980e08 100644
--- a/tlsauth.go
+++ b/tlsauth.go
@@ -51,19 +51,42 @@ func (g *ClientCertificateGetter) get(
 	if tlsCert != nil {
 		return tlsCert, nil
 	}
+	sigSchemes := make([]string, 0, len(cri.SignatureSchemes))
+	for _, ss := range cri.SignatureSchemes {
+		sigSchemes = append(sigSchemes, ss.String())
+	}
 	var b bytes.Buffer
 	b.WriteString(fmt.Sprintf(`
 tk_setPalette grey
 wm title . "TLS client authentication: %s"
 
-label .lVersion -text "Version: %s"
-grib .lVersion
-
 set lb [listbox .lb]
 .lb insert end ""
+grid .lb
+
+proc submit {} {
+    global lb
+    puts [$lb get active]
+    exit
+}
+
+button .submit -text "Use" -command submit
+grid .submit
+
+label .lTLSVersion -text "TLS version: %s"
+grid .lTLSVersion
+
+set sigSchemeRow 0
+foreach sigScheme {%s} {
+    label .lSignatureScheme$sigSchemeRow -text "Signature scheme: $sigScheme"
+    grid .lSignatureScheme$sigSchemeRow
+    incr sigSchemeRow
+}
+
 `,
 		g.host,
 		ucspi.TLSVersion(cri.Version),
+		strings.Join(sigSchemes, " "),
 	))
 
 	ents, err := os.ReadDir(CCerts)
@@ -89,18 +112,7 @@ set lb [listbox .lb]
 		})
 		b.WriteString(fmt.Sprintf(".lb insert end \"%d: %s\"\n", i, cert.Subject))
 	}
-	b.WriteString(`
-grid .lb
-
-proc submit {} {
-    global lb
-    puts [$lb get active]
-    exit
-}
-
-button .submit -text "Use" -command submit
-grid .submit
-`)
+	// ioutil.WriteFile("/tmp/tls-auth-dialog.tcl", b.Bytes(), 0666)
 	cmd := exec.Command(CmdWish)
 	cmd.Stdin = &b
 	out, err := cmd.Output()