diff options
author | Rob Bradford <rob@linux.intel.com> | 2011-11-10 16:26:07 +0000 |
---|---|---|
committer | Rob Bradford <rob@linux.intel.com> | 2011-11-10 16:26:07 +0000 |
commit | e01f2be50938a629cec7adaace3d7635282369d2 (patch) | |
tree | db66753a596f5744e0e7fd6faeeec17bc5a44f29 | |
parent | 9229ec62b17660536d1bb1e9af6abab2c1ea6dac (diff) |
proxy: Force all SSL certificates to be trustedlibrest-0.7.12
By setting the CA file we make it a certificate error if the certificate
is self-signed.
Fixes: https://bugzilla.gnome.org/show_bug.cgi?id=663783
-rw-r--r-- | rest/rest-proxy.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/rest/rest-proxy.c b/rest/rest-proxy.c index 69bd90f..088fd0a 100644 --- a/rest/rest-proxy.c +++ b/rest/rest-proxy.c @@ -247,6 +247,16 @@ rest_proxy_init (RestProxy *self) priv->session = soup_session_async_new (); priv->session_sync = soup_session_sync_new (); + + /* with ssl-strict (defaults TRUE) setting ssl-ca-file forces all + * certificates to be trusted */ + g_object_set (priv->session, + "ssl-ca-file", REST_SYSTEM_CA_FILE, + NULL); + g_object_set (priv->session_sync, + "ssl-ca-file", REST_SYSTEM_CA_FILE, + NULL); + #if WITH_GNOME soup_session_add_feature_by_type (priv->session, SOUP_TYPE_PROXY_RESOLVER_GNOME); |