agate

Simple gemini server for static files
git clone https://github.com/mbrubeck/agate.git

commit f85585155e9c3e2af1c5286e676c4caea25cd366
parent 869a784b593116d33b6e133a5dbe9169d2beec80
Author: Johann150 <johann.galle@protonmail.com>
Date:   Thu,  8 Apr 2021 00:13:18 +0200

switch default cert signing algorithm to ECDSA

resolves #42
resolves #49

I did not expect support for Ed25519 to be so bad as to receive multiple
complaints about it. I did expect some problems, hence why I provided the
--ecdsa flag. I had hoped support would be better to drive those who still
do not support it (while again there is no reason to not support this
algorithm!) to use it.

Diffstat:
Msrc/main.rs | 11+++++++----
1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/main.rs b/src/main.rs
@@ -136,9 +136,9 @@ fn args() -> Result<Args> {
 "Use a central .meta file in the content root directory. Decentral config files will be ignored.",
 );
 opts.optflag(
- "",
- "ecdsa",
- "Generate keys using the ecdsa signature algorithm instead of the default ed25519.",
+ "e",
+ "ed25519",
+ "Generate keys using the Ed25519 signature algorithm instead of the default ECDSA.",
 );
 let matches = opts.parse(&args[1..]).map_err(|f| f.to_string())?;
@@ -202,13 +202,14 @@ fn args() -> Result<Args> {
 // <CertificateParams as Default>::default() already implements a
 // date in the far future from the time of writing: 4096-01-01
- if !matches.opt_present("ecdsa") {
+ if matches.opt_present("e") {
 cert_params.alg = &rcgen::PKCS_ED25519;
 }
 // generate the certificate with the configuration
 let cert = Certificate::from_params(cert_params)?;
+ // make sure the certificate directory exists
 fs::create_dir(certs_path.join(domain))?;
 // write certificate data to disk
 let mut cert_file = File::create(certs_path.join(format!(
@@ -217,6 +218,7 @@ fn args() -> Result<Args> {
 certificates::CERT_FILE_NAME
 )))?;
 cert_file.write_all(&cert.serialize_der()?)?;
+ // write key data to disk
 let mut key_file = File::create(certs_path.join(format!(
 "{}/{}",
 domain,
@@ -238,6 +240,7 @@ fn args() -> Result<Args> {
 certs.unwrap()
 };
+ // parse listening addresses
 let mut addrs = vec![];
 for i in matches.opt_strs("addr") {
 addrs.push(i.parse()?);
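Review bot: Removing the `--ecdsa` long option in the first hunk turns every existing invocation that passes it into a startup failure, because `opts.parse(&args[1..])` rejects options it does not know and the error is returned through `?`. Since ECDSA is now the default, the old flag can stay registered as an accepted no-op so deployed service files keep working: `opts.optflag("", "ecdsa", "Deprecated: ECDSA is now the default; this flag has no effect.");`. The body of `args()` starts and ends outside this hunk.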
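Review bot: The comment added above `fs::create_dir(certs_path.join(domain))?;` in the second hunk says the call makes sure the directory exists, but `fs::create_dir` returns an error when the directory is already there or when its parent is missing. That failure is arguably useful here, since it stops the following `File::create` calls from truncating an existing certificate and key, so the comment should say so rather than the call being changed: `// create the certificate directory; this fails if it already exists, so existing key material is never overwritten`. Whether that protection is intended is not visible from the hunk, so it is worth confirming before wording it as a guarantee.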
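Review bot: The private key in the third hunk is opened with `File::create`, which on Unix creates the file with the process default mode, so under a common umask the key ends up readable by other local users. Creating it with an explicit owner-only mode closes that window: `let mut key_file = OpenOptions::new().write(true).create_new(true).mode(0o600).open(key_path)?;`, with `key_path` standing for the existing `certs_path.join(format!(...))` expression. `mode` comes from `std::os::unix::fs::OpenOptionsExt`, so the call needs a `#[cfg(unix)]` branch. The rest of the key-writing statement lies outside the hunk, so any permission handling that follows it is not visible here.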