proxy: Force all SSL certificates to be trustedlibrest-0.7.12

By setting the CA file we make it a certificate error if the certificate is self-signed. Fixes: https://bugzilla.gnome.org/show_bug.cgi?id=663783
author: Rob Bradford <rob@linux.intel.com> 2011-11-10 16:26:07 +0000
committer: Rob Bradford <rob@linux.intel.com> 2011-11-10 16:26:07 +0000
commit: e01f2be50938a629cec7adaace3d7635282369d2 (patch)
tree: db66753a596f5744e0e7fd6faeeec17bc5a44f29
parent: 9229ec62b17660536d1bb1e9af6abab2c1ea6dac (diff)
download: librest-e01f2be50938a629cec7adaace3d7635282369d2.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/rest/rest-proxy.c b/rest/rest-proxy.c
index 69bd90f..088fd0a 100644
--- a/rest/rest-proxy.c
+++ b/rest/rest-proxy.c
@@ -247,6 +247,16 @@ rest_proxy_init (RestProxy *self)
 
   priv->session = soup_session_async_new ();
   priv->session_sync = soup_session_sync_new ();
+
+  /* with ssl-strict (defaults TRUE) setting ssl-ca-file forces all
+   * certificates to be trusted */
+  g_object_set (priv->session,
+                "ssl-ca-file", REST_SYSTEM_CA_FILE,
+                NULL);
+  g_object_set (priv->session_sync,
+                "ssl-ca-file", REST_SYSTEM_CA_FILE,
+                NULL);
+
 #if WITH_GNOME
   soup_session_add_feature_by_type (priv->session,
                                     SOUP_TYPE_PROXY_RESOLVER_GNOME);
author	Rob Bradford <rob@linux.intel.com>	2011-11-10 16:26:07 +0000
committer	Rob Bradford <rob@linux.intel.com>	2011-11-10 16:26:07 +0000
commit	e01f2be50938a629cec7adaace3d7635282369d2 (patch)
tree	db66753a596f5744e0e7fd6faeeec17bc5a44f29
parent	9229ec62b17660536d1bb1e9af6abab2c1ea6dac (diff)
download	librest-e01f2be50938a629cec7adaace3d7635282369d2.tar.gz