Skip to content

Commit

Permalink
https: New option to validate, CertPubKey
Browse files Browse the repository at this point in the history 
This option validates signature of remote certificate.
It is always possible that malicious actor might put MITM
node and obtain his own certificate.
In fact such attack already happened, one of well documented cases:
https://notes.valdikss.org.ru/jabber.ru-mitm/
The only way to detect such malicious intent is by validating
certificate public key.

Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
  • Loading branch information
@nuclearcat
nuclearcat committed Jul 7, 2024
1 parent 3ae2ef7 commit 8df97e8
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions simplomon.hh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,6 +239,7 @@ private:

std::string d_method;
std::string d_agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36";
std::string d_cert_pubkey;
};


Expand Down

0 comments on commit 8df97e8

Please sign in to comment.