gmnlm already allows overriding invalid cert error, so it makes little
sense not to allow the same for cert mismatch one. I have also reversed
the offered options for both to reflect the suggested course of action
and added a warning for invalid cert as the possibility of MitM is quite
similar to cert mismatch.
---
src/gmnlm.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/gmnlm.c b/src/gmnlm.c
index 884796c..0270b07 100644
--- a/src/gmnlm.c
+++ b/src/gmnlm.c
@@ -1140,9 +1140,11 @@ tofu_callback(enum tofu_error error, const char *fingerprint,
assert(0); // Invariant
case TOFU_INVALID_CERT:
snprintf(prompt, sizeof(prompt),
- "The server presented an invalid certificate. If you choose to proceed, "
- "you should not disclose personal information or trust the contents of the page.\n"
- "trust [o]nce; [a]bort\n"
+ "The certificate offered by this server IS INVALID.\n"
+ "/!\\ Someone may be eavesdropping on or manipulating this connection. /!\\\n"
+ "If you choose to proceed, you should not disclose personal information or trust "
+ "the contents of the page.\n"
+ "[a]bort; trust [o]nce\n"
"=> ");
break;
case TOFU_UNTRUSTED_CERT:;
@@ -1170,10 +1172,11 @@ tofu_callback(enum tofu_error error, const char *fingerprint,
"%s\n\n"
"The expected fingerprint is:\n"
"%s\n\n"
- "If you're certain that this is correct, edit %s:%d\n",
- fingerprint, khost->fingerprint,
- browser->tofu.known_hosts_path, khost->lineno);
- return TOFU_FAIL;
+ "If you choose to proceed, you should not disclose personal information or trust "
+ "the contents of the page.\n"
+ "[a]bort; trust [o]nce; [t]rust anyway\n"
+ "=> ", fingerprint, khost->fingerprint);
+ break;
}
bool prompting = true;
--
2.37.1