SoupTransport: drop CA file check

It used to be necessary to specify a CA file for libsoup to enable SSL certificate checking. Nowadays libsoup uses the default CA store unless told otherwise, so the check in SyncEvolution became obsolete. However, now there is a certain risk that no SSL checking is done although the user asked for it (when libsoup is not recent enough or compiled correctly).
author: Patrick Ohly <patrick.ohly@intel.com> 2014-09-08 12:44:55 +0200
committer: Patrick Ohly <patrick.ohly@intel.com> 2014-09-12 11:38:56 +0200
commit: f5ae660c70fbab214bdd11895178629371b91d17 (patch)
tree: b219a7a81563b4f0c1ee97313fee8c1e516900d6
parent: b747a8c2e404f85eee148f119cad4b0bb646ba10 (diff)
1 files changed, 1 insertions, 6 deletions
diff --git a/src/syncevo/SoupTransportAgent.cpp b/src/syncevo/SoupTransportAgent.cpp
index 0caec3d6..b9a3c8de 100644
--- a/src/syncevo/SoupTransportAgent.cpp
+++ b/src/syncevo/SoupTransportAgent.cpp
@@ -127,15 +127,10 @@ void SoupTransportAgent::send(const char *data, size_t len)
     }
 
     // use CA certificates if available and needed,
-    // fail if not available and needed
+    // otherwise let soup use system default certificates
     if (m_verifySSL) {
         if (!m_cacerts.empty()) {
             g_object_set(m_session.get(), SOUP_SESSION_SSL_CA_FILE, m_cacerts.c_str(), NULL);
-        } else {
-            SoupURI *uri = soup_message_get_uri(message.get());
-            if (!strcmp(uri->scheme, SOUP_URI_SCHEME_HTTPS)) {
-                SE_THROW_EXCEPTION(TransportException, "SSL certificate checking requested, but no CA certificate file configured");
-            }
         }
     }
author	Patrick Ohly <patrick.ohly@intel.com>	2014-09-08 12:44:55 +0200
committer	Patrick Ohly <patrick.ohly@intel.com>	2014-09-12 11:38:56 +0200
commit	f5ae660c70fbab214bdd11895178629371b91d17 (patch)
tree	b219a7a81563b4f0c1ee97313fee8c1e516900d6
parent	b747a8c2e404f85eee148f119cad4b0bb646ba10 (diff)