Feat: Use Fingerprint DB and SHA256

[sithlord48]

Port of parts of debauchee#1343
Fixes parts of #7806
Includes #8098
Fixes: #7943
Uses the FingerprintDB
Enable SHA256 checks, Fallback to SHA1 if not present.
New: Fingerprint dialog

Works (as in my clients connect) when i use it on two machines

[nbolton]

Removed self as reviewer until PR is open.

[sithlord48]

@nbolton please test CI builds from this on windows from scratch asap (thanks)

[nbolton]

windows from scratch asap (thanks)

Will test CI builds on fresh Windows VM.

[sithlord48]

did it generate a new key ?

[nbolton]

Happy to land as is, but it would be nice to fix a few minor nits before we do.

[nbolton]

Well that's odd, I just re-tested and I'm no longer able to connect. On the client, I always get this error after accepting the dialog:

[2025-02-12T11:03:11] NOTE: server fingerprint: (SHA1) 45:DD:9C:1B:A4:D9:7D:26:3A:A9:13:42:9B:4A:16:3D:79:EF:6D:8D (SHA256) BF:6F:FA:A9:4A:A8:DB:C5:3F:76:1B:DA:1C:EC:CA:ED:9C:08:1A:C9:F6:26:9C:C0:44:A7:82:4F:AB:EF:7E:2F
	/home/nick/Projects/deskflow/src/lib/net/SecureSocket.cpp:628
[2025-02-12T11:03:11] NOTE: read 1 fingerprints from /home/nick/.config/Deskflow/tls/trusted-servers
	/home/nick/Projects/deskflow/src/lib/net/SecureSocket.cpp:644
[2025-02-12T11:03:11] WARNING: fingerprint does not match trusted fingerprint
	/home/nick/Projects/deskflow/src/lib/net/SecureSocket.cpp:651
[2025-02-12T11:03:11] ERROR: failed to verify server certificate fingerprint

I tried rm /home/nick/.config/Deskflow/tls/trusted-servers and tried regenerating the cert on the server but that didn't help.

Fingerprint file contains:

v2:sha256:bf6ffaa94aa8dbc53f761bda1ceccaed9c081ac9f6269cc044a7824fabef7e2f

Edit: Found the bug: #8152 (comment)

[nbolton]

Had another idea.

[nbolton]

/tip $100 @sithlord48

[algora-pbc]

🎉🎈 @sithlord48 has been awarded $100! 🎈🎊

• Share on socials
• Give feedback