From cc7d61e81bead36adcca5b0be300c17a51b61b64 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Sat, 13 Aug 2011 12:37:40 +0300 Subject: [PATCH 05/18] IdleServerConnection: Reduce the number of certificate checks The following checks have been disabled: + G_TLS_CERTIFICATE_UNKNOWN_CA + G_TLS_CERTIFICATE_BAD_IDENTITY + G_TLS_CERTIFICATE_EXPIRED The first one allows self-signed certificates, while the other two are needed to satisfy the certificate used in the test suite. Once Channel.Type.ServerTLSConnection is implemented we will see if we can restore these checks. Fixes: https://bugs.freedesktop.org/37145 --- src/idle-server-connection.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/src/idle-server-connection.c b/src/idle-server-connection.c index 10f185b..45e5e23 100644 --- a/src/idle-server-connection.c +++ b/src/idle-server-connection.c @@ -448,4 +448,9 @@ IdleServerConnectionState idle_server_connection_get_state(IdleServerConnection void idle_server_connection_set_tls(IdleServerConnection *conn, gboolean tls) { IdleServerConnectionPrivate *priv = IDLE_SERVER_CONNECTION_GET_PRIVATE(conn); g_socket_client_set_tls(priv->socket_client, tls); + g_socket_client_set_tls_validation_flags(priv->socket_client, + G_TLS_CERTIFICATE_VALIDATE_ALL + & ~G_TLS_CERTIFICATE_UNKNOWN_CA + & ~G_TLS_CERTIFICATE_BAD_IDENTITY + & ~G_TLS_CERTIFICATE_EXPIRED); } -- 1.7.6.2