diff options
author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2013-04-22 18:47:39 +0100 |
---|---|---|
committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2013-04-24 14:45:44 +0100 |
commit | eee0207464d160a0c8b7e430d927beb4d14cde74 (patch) | |
tree | 4879a8cbe7648039e88f1fca5ecf4376994621dd /src | |
parent | 3e0498048df554bfaa30c42aef1220f2b7135ed3 (diff) |
IdleServerConnection: check certificates properly, except in the tests
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=63810
Reviewed-by: Guillaume Desmottes <guillaume.desmottes@collabora.co.uk>
Diffstat (limited to 'src')
-rw-r--r-- | src/idle-server-connection.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/idle-server-connection.c b/src/idle-server-connection.c index 8a4bb98..6c5894f 100644 --- a/src/idle-server-connection.c +++ b/src/idle-server-connection.c @@ -505,9 +505,14 @@ IdleServerConnectionState idle_server_connection_get_state(IdleServerConnection void idle_server_connection_set_tls(IdleServerConnection *conn, gboolean tls) { IdleServerConnectionPrivate *priv = IDLE_SERVER_CONNECTION_GET_PRIVATE(conn); g_socket_client_set_tls(priv->socket_client, tls); - g_socket_client_set_tls_validation_flags(priv->socket_client, - G_TLS_CERTIFICATE_VALIDATE_ALL - & ~G_TLS_CERTIFICATE_UNKNOWN_CA - & ~G_TLS_CERTIFICATE_BAD_IDENTITY - & ~G_TLS_CERTIFICATE_EXPIRED); + + /* The regression tests don't have a CA-issued certificate, + * oddly enough. */ + if (!tp_strdiff (g_getenv ("IDLE_TEST_BE_VULNERABLE_TO_MAN_IN_THE_MIDDLE_ATTACKS"), "vulnerable")) { + g_socket_client_set_tls_validation_flags(priv->socket_client, + G_TLS_CERTIFICATE_VALIDATE_ALL + & ~G_TLS_CERTIFICATE_UNKNOWN_CA + & ~G_TLS_CERTIFICATE_BAD_IDENTITY + & ~G_TLS_CERTIFICATE_EXPIRED); + } } |