From 448184b20869b73732b983bf991f8c59a72192e9 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Sat, 13 Aug 2011 12:37:40 +0300 Subject: [PATCH 4/4] IdleServerConnection: Reduce the number of certificate checks The following checks have been disabled: + G_TLS_CERTIFICATE_UNKNOWN_CA + G_TLS_CERTIFICATE_BAD_IDENTITY + G_TLS_CERTIFICATE_EXPIRED The first one allows self-signed certificates, while the other two are needed to satisfy the certificate used in the test suite. Once Channel.Type.ServerTLSConnection is implemented we will see if we can restore these checks. Fixes: https://bugs.freedesktop.org/37145 --- src/idle-server-connection.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/src/idle-server-connection.c b/src/idle-server-connection.c index de46441..52eb111 100644 --- a/src/idle-server-connection.c +++ b/src/idle-server-connection.c @@ -434,4 +434,9 @@ IdleServerConnectionState idle_server_connection_get_state(IdleServerConnection void idle_server_connection_set_tls(IdleServerConnection *conn, gboolean tls) { IdleServerConnectionPrivate *priv = IDLE_SERVER_CONNECTION_GET_PRIVATE(conn); g_socket_client_set_tls(priv->socket_client, tls); + g_socket_client_set_tls_validation_flags(priv->socket_client, + G_TLS_CERTIFICATE_VALIDATE_ALL + & ~G_TLS_CERTIFICATE_UNKNOWN_CA + & ~G_TLS_CERTIFICATE_BAD_IDENTITY + & ~G_TLS_CERTIFICATE_EXPIRED); } -- 1.7.6