openssl: add back the dummy verify callback

The certificate verification happens on handshake on our case
author: Ignacio Casal Quinteiro <qignacio@amazon.com> 2019-05-16 13:02:56 +0200
committer: Ignacio Casal Quinteiro <qignacio@amazon.com> 2019-05-16 13:02:56 +0200
commit: 8c67b140bbe5e88b9ddcf2d3f91b55aca3317dae (patch)
tree: 2591a7f6ff969f7fa0f260f4ed01c96add602766
parent: ed484287ff10b70020924d4121034fb10de97f65 (diff)
download: glib-networking-8c67b140bbe5e88b9ddcf2d3f91b55aca3317dae.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/tls/openssl/gtlsserverconnection-openssl.c b/tls/openssl/gtlsserverconnection-openssl.c
index 3c3f363..a42294a 100644
--- a/tls/openssl/gtlsserverconnection-openssl.c
+++ b/tls/openssl/gtlsserverconnection-openssl.c
@@ -172,6 +172,13 @@ g_tls_server_connection_openssl_set_property (GObject      *object,
     }
 }
 
+static int
+verify_callback (int             preverify_ok,
+                 X509_STORE_CTX *ctx)
+{
+  return 1;
+}
+
 static void
 g_tls_server_connection_openssl_prepare_handshake (GTlsConnectionBase  *tls,
                                                    gchar              **advertised_protocols)
@@ -194,7 +201,7 @@ g_tls_server_connection_openssl_prepare_handshake (GTlsConnectionBase  *tls,
       break;
     }
 
-  SSL_set_verify (openssl->ssl, req_mode, NULL);
+  SSL_set_verify (openssl->ssl, req_mode, verify_callback);
   /* FIXME: is this ok? */
   SSL_set_verify_depth (openssl->ssl, 0);
author	Ignacio Casal Quinteiro <qignacio@amazon.com>	2019-05-16 13:02:56 +0200
committer	Ignacio Casal Quinteiro <qignacio@amazon.com>	2019-05-16 13:02:56 +0200
commit	8c67b140bbe5e88b9ddcf2d3f91b55aca3317dae (patch)
tree	2591a7f6ff969f7fa0f260f4ed01c96add602766
parent	ed484287ff10b70020924d4121034fb10de97f65 (diff)
download	glib-networking-8c67b140bbe5e88b9ddcf2d3f91b55aca3317dae.tar.gz