Verified Commit 339722e6 authored by Vojtech Myslivec's avatar Vojtech Myslivec
Browse files

registration: Cancel certificate pinning

parent 0321f8fd
......@@ -29,13 +29,12 @@ set -e
# Some constants
TIMEOUT=120
CA_FILE=/etc/ssl/www_turris_cz_ca.pem
CHALLENGE_URL=https://api.turris.cz/challenge.cgi
CONTRACT_URL='https://project.turris.cz/api/contract-valid.txt?registration_code='
# Get today's registration code
CODE=$(curl -k -m $TIMEOUT "$CHALLENGE_URL" | atsha204cmd challenge-response | head -c 16)
# Ask for the status of the contract
RESULT=$(curl -s -S -L -H "Accept: plain/text" --cacert "$CA_FILE" --cert-status -m "$TIMEOUT" "$CONTRACT_URL$CODE" | sed -ne 's/^result: *\(..*\)/\1/p')
RESULT=$(curl -s -S -L -H "Accept: plain/text" --cert-status -m "$TIMEOUT" "$CONTRACT_URL$CODE" | sed -ne 's/^result: *\(..*\)/\1/p')
if [ "$RESULT" = "valid" ] ; then
if uci -d'
......
......@@ -95,7 +95,7 @@ function datastore:user_rpc(rpc, data)
-- query the server
local ecode, stdout, stderr = run_command(
nil, 'curl', '-s', '-S', '-L', '-H', 'Accept-Language: ' .. language,
'-H', 'Accept: plain/text', '--cacert', '/etc/ssl/www_turris_cz_ca.pem', '--cert-status',
'-H', 'Accept: plain/text', '--cert-status',
'-m', tostring(connection_timeout), '-w', "\ncode: %{http_code}",
lookup_url .. "?registration_code=" .. registration_code .. "&email=" .. simple_escape(email_node:text())
);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment