set content disposition for cert (#2527)

* set content disposition for cert
* update content type for cert
* remove unnecessary frontend download attr

core/startos/src/db/model.rs

@@ -22,7 +22,7 @@ use crate::net::utils::{get_iface_ipv4_addr, get_iface_ipv6_addr};
 use crate::prelude::*;
 use crate::s9pk::manifest::{Manifest, PackageId};
 use crate::status::Status;
-use crate::util::cpupower::{get_preferred_governor, Governor};
+use crate::util::cpupower::{Governor};
 use crate::util::Version;
 use crate::version::{Current, VersionT};
 use crate::{ARCH, PLATFORM};

core/startos/src/init.rs

@@ -4,7 +4,7 @@ use std::path::Path;
 use std::time::{Duration, SystemTime};
 
 use color_eyre::eyre::eyre;
-use helpers::NonDetachingJoinHandle;
+
 use models::ResultExt;
 use rand::random;
 use sqlx::{Pool, Postgres};
@@ -18,9 +18,9 @@ use crate::disk::mount::util::unmount;
 use crate::install::PKG_ARCHIVE_DIR;
 use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
 use crate::prelude::*;
-use crate::sound::BEP;
+
 use crate::util::cpupower::{
-    current_governor, get_available_governors, get_preferred_governor, set_governor,
+    get_available_governors, get_preferred_governor, set_governor,
 };
 use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL};
 use crate::util::Invoke;

core/startos/src/net/keys.rs

@@ -280,7 +280,7 @@ pub fn test_keygen() {
     key.openssl_key_nistp256();
 }
 
-fn display_requires_reboot(arg: RequiresReboot, matches: &ArgMatches) {
+fn display_requires_reboot(arg: RequiresReboot, _matches: &ArgMatches) {
     if arg.0 {
         println!("Server must be restarted for changes to take effect");
     }

core/startos/src/net/static_server.rs

@@ -23,6 +23,7 @@ use tokio_util::io::ReaderStream;
 use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext};
 use crate::core::rpc_continuations::RequestGuid;
 use crate::db::subscribe;
+use crate::hostname::Hostname;
 use crate::install::PKG_PUBLIC_DIR;
 use crate::middleware::auth::{auth as auth_middleware, HasValidSession};
 use crate::middleware::cors::cors;
@@ -339,7 +340,8 @@ async fn main_embassy_ui(req: Request<Body>, ctx: RpcContext) -> Result<Response
             .await
         }
         (&Method::GET, Some(("eos", "local.crt"))) => {
-            cert_send(&ctx.account.read().await.root_ca_cert)
+            let account = ctx.account.read().await;
+            cert_send(&account.root_ca_cert, &account.hostname)
         }
         (&Method::GET, _) => {
             let uri_path = UiMode::Main.path(
@@ -405,7 +407,7 @@ fn bad_request() -> Response<Body> {
         .unwrap()
 }
 
-fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
+fn cert_send(cert: &X509, hostname: &Hostname) -> Result<Response<Body>, Error> {
     let pem = cert.to_pem()?;
     Response::builder()
         .status(StatusCode::OK)
@@ -417,8 +419,12 @@ fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
             )
             .to_lowercase(),
         )
-        .header(http::header::CONTENT_TYPE, "application/x-pem-file")
+        .header(http::header::CONTENT_TYPE, "application/x-x509-ca-cert")
         .header(http::header::CONTENT_LENGTH, pem.len())
+        .header(
+            http::header::CONTENT_DISPOSITION,
+            format!("attachment; filename={}.crt", &hostname.0),
+        )
         .body(Body::from(pem))
         .with_kind(ErrorKind::Network)
 }