[ot][spam][crazy][puzzle?][spam][crazy]
Undescribed Horrific Abuse, One Victim & Survivor of Many
gmkarl at gmail.com
Thu Jul 20 12:13:26 PDT 2023
On 7/20/23, Undescribed Horrific Abuse, One Victim & Survivor of Many
<gmkarl at gmail.com> wrote:
> one of the curiosities is whether he server's certificate verification
> in [akash] is as broken as the client's
>
> dunno! there's a file adjacent to client.go called router.go that
> looks like it might do most of the http server setup work
I found some server cert code at
https://github.com/akash-network/provider/blob/44c85af39a56a43830efbdcbe7a2fd83c1d9776b/gateway/rest/middleware.go#L68L88
. The function starts like this:
> if r.TLS == nil || len(r.TLS.PeerCertificates) == 0 {
> http.Error(w, "", http.StatusUnauthorized)
> return
> }
>
> // at this point client certificate has been validated
> // so only thing left to do is get account id stored in the CommonName
> owner, err := sdk.AccAddressFromBech32(r.TLS.PeerCertificates[0].Subject.CommonName)
> if err != nil {
> http.Error(w, err.Error(), http.StatusUnauthorized)
> return
> }
It's strange it says "at this point client certificate has been
validated" without doing anything to the client certificate. [desktop
interruption, mysterious]
More information about the cypherpunks
mailing list