✨ Add cert expiry info to TOFU warning - fixes #34

CHANGELOG.md

@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 - Pages are rewrapped dynamically, whenever the terminal size changes (#33)
+- TOFU warning message mentions how long the previous cert was still valid for (#34)
 
 ### Fixed
 - Many potential network and display race conditions eliminated

client/tofu.go

@@ -112,3 +112,9 @@ func handleTofu(domain, port string, cert *x509.Certificate) bool {
 func ResetTofuEntry(domain, port string, cert *x509.Certificate) {
 	saveTofuEntry(domain, port, cert)
 }
+
+// GetExpiry returns the stored expiry date for the given host.
+// The time will be empty (zero) if there is not expiry date stored for that host.
+func GetExpiry(domain, port string) time.Time {
+	return tofuStore.GetTime(expiryKey(domain, port))
+}

display/modals.go

@@ -4,7 +4,9 @@ import (
 	"fmt"
 	"strconv"
 	"strings"
+	"time"
 
+	"github.com/dustin/go-humanize"
 	"github.com/gdamore/tcell"
 	"github.com/spf13/viper"
 	"gitlab.com/tslocum/cview"
@@ -193,6 +195,7 @@ func YesNo(prompt string) bool {
 	} else {
 		yesNoModal.SetBackgroundColor(tcell.ColorBlack)
 	}
+	yesNoModal.GetFrame().SetTitle("")
 	yesNoModal.SetText(prompt)
 	tabPages.ShowPage("yesno")
 	tabPages.SendToFront("yesno")
@@ -206,7 +209,7 @@ func YesNo(prompt string) bool {
 
 // Tofu displays the TOFU warning modal.
 // It returns a bool indicating whether the user wants to continue.
-func Tofu(host string) bool {
+func Tofu(host string, expiry time.Time) bool {
 	// Reuses yesNoModal, with error colour
 
 	if viper.GetBool("a-general.color") {
@@ -214,8 +217,12 @@ func Tofu(host string) bool {
 	} else {
 		yesNoModal.SetBackgroundColor(tcell.ColorBlack)
 	}
+	yesNoModal.GetFrame().SetTitle(" TOFU ")
 	yesNoModal.SetText(
-		fmt.Sprintf("%s's certificate has changed, possibly indicating an security issue. Are you sure you want to continue? ", host),
+		fmt.Sprintf("%s's certificate has changed, possibly indicating an security issue. The certificate would have expired %s. Are you sure you want to continue? ",
+			host,
+			humanize.Time(expiry),
+		),
 	)
 	tabPages.ShowPage("yesno")
 	tabPages.SendToFront("yesno")

display/private.go

@@ -292,7 +292,7 @@ func handleURL(t *tab, u string) (string, bool) {
 	}
 
 	if err == client.ErrTofu {
-		if Tofu(parsed.Host) {
+		if Tofu(parsed.Host, client.GetExpiry(parsed.Hostname(), parsed.Port())) {
 			// They want to continue anyway
 			client.ResetTofuEntry(parsed.Hostname(), parsed.Port(), res.Cert)
 			// Response can be used further down, no need to reload

go.mod

@@ -3,6 +3,7 @@ module github.com/makeworld-the-better-one/amfora
 go 1.14
 
 require (
+	github.com/dustin/go-humanize v1.0.0
 	github.com/fsnotify/fsnotify v1.4.9 // indirect
 	github.com/gdamore/tcell v1.3.1-0.20200608133353-cb1e5d6fa606
 	github.com/makeworld-the-better-one/go-gemini v0.7.0

go.sum

@@ -37,6 +37,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
+github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
+github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=