More secondary preimage resistance. Also better docs and less vague and less promoted Android
UI.
Feedback from Adam Langley, but likely misinterpreted.
Change-Id: I3bf1029b6fc07c0b8dab2af44926aa87b0d4cbad
A new client configuration parameter, "trustedCerts" (list of strings)
is introduced. A certificate fingerprint is defined as the 10 digits
prefix of the sha1 of the whole certificate (in ASN1. DER form).
trustedCerts should contain the list of fingerprints of the
certificates we trust. If not empty, the server's certificate
is checked against that list, instead of using the full x509 validation
on it.
-added a dial function and tls configuration, which check if we're using
SSL, and if we're in "trustedCerts" mode.
pkg/client/client.go
pkg/client/config.go
-moved android specific hacks from camput to the client layer, so that
the dial and tls config could reuse/access them. Also allows future
reuse for other commands, such as camget.
pkg/client/android.go
-adapted camput to the above changes:
cmd/camput/android.go
cmd/camput/camput.go
cmd/camput/files.go
-server prints a hint when it generates the self-signed:
pkg/misc/misc.go
server/camlistored/camlistored.go
-camliactivity:
clients/android/res/xml/preferences.xml
clients/android/src/org/camlistore/Preferences.java
clients/android/src/org/camlistore/SettingsActivity.java
clients/android/src/org/camlistore/UploadService.java
clients/android/src/org/camlistore/UploadThread.java
http://camlistore.org/issue/131
Change-Id: I6be20161549a69aafc8eb7b9e96e9351dc1c5b09
works, but UI is terrible and unreliable. but it uploaded and vivified a photo shared from the gallery.
Change-Id: I63199a4d25597739920b276ac240efa27c07926c
Brad Fitzpatrick