gmnlm already allows overriding invalid cert error, so it makes little sense not to allow the same for cert mismatch one. I have also reversed the offered options for both to reflect the suggested course of action and added a warning for invalid cert as the possibility of MitM is quite similar to cert mismatch. --- src/gmnlm.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/gmnlm.c b/src/gmnlm.c index 884796c..0270b07 100644 --- a/src/gmnlm.c +++ b/src/gmnlm.c @@ -1140,9 +1140,11 @@ tofu_callback(enum tofu_error error, const char *fingerprint, assert(0); // Invariant case TOFU_INVALID_CERT: snprintf(prompt, sizeof(prompt), - "The server presented an invalid certificate. If you choose to proceed, " - "you should not disclose personal information or trust the contents of the page.\n" - "trust [o]nce; [a]bort\n" + "The certificate offered by this server IS INVALID.\n" + "/!\\ Someone may be eavesdropping on or manipulating this connection. /!\\\n" + "If you choose to proceed, you should not disclose personal information or trust " + "the contents of the page.\n" + "[a]bort; trust [o]nce\n" "=> "); break; case TOFU_UNTRUSTED_CERT:; @@ -1170,10 +1172,11 @@ tofu_callback(enum tofu_error error, const char *fingerprint, "%s\n\n" "The expected fingerprint is:\n" "%s\n\n" - "If you're certain that this is correct, edit %s:%d\n", - fingerprint, khost->fingerprint, - browser->tofu.known_hosts_path, khost->lineno); - return TOFU_FAIL; + "If you choose to proceed, you should not disclose personal information or trust " + "the contents of the page.\n" + "[a]bort; trust [o]nce; [t]rust anyway\n" + "=> ", fingerprint, khost->fingerprint); + break; } bool prompting = true; -- 2.37.1
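Review bot: In the first hunk (the TOFU_INVALID_CERT case), the new prompt is noticeably longer but is still written with snprintf(prompt, sizeof(prompt), ...), and the declaration of prompt is outside the hunk. Please confirm the buffer is large enough for the new text. A truncated write would silently drop the trailing "[a]bort; trust [o]nce" and "=> " lines, leaving the user with the warning but no visible choices. Comparing snprintf's return value against sizeof(prompt) would catch this.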
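Review bot: In the second hunk (the fingerprint mismatch message), replacing "return TOFU_FAIL;" with "break;" sends this case into the prompt loop with a new "[t]rust anyway" choice, but the diffstat shows no change to that loop. Please check that it accepts this answer for a mismatch, and that choosing it replaces the existing entry at khost->lineno instead of adding a second one, since the old fingerprint would otherwise keep triggering the mismatch. The invalid-cert prompt only offers "trust [o]nce", so consider whether permanent trust belongs here at all. The opening of the call that formats this message is also outside the hunk: if it prints the text directly and does not fill prompt, the loop after the break would run with a prompt this case never set.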
We should still print the path and line number of the offending cert in known_hosts here.