guint is_server:1;
guint ssl_strict:1;
guint ssl_fallback:1;
- guint ssl_ca_in_creds:1;
guint clean_dispose:1;
gpointer ssl_creds;
+ gboolean ssl_ca_in_creds;
GMainContext *async_context;
GSource *watch_src;
SoupSocketPrivate *priv = SOUP_SOCKET_GET_PRIVATE (sock);
if (soup_ssl_credentials_verify_certificate (priv->ssl_creds,
- cert, errors)) {
- priv->ssl_ca_in_creds = TRUE;
+ cert, errors,
+ &priv->ssl_ca_in_creds))
return TRUE;
- }
return !priv->ssl_strict;
}
gboolean
soup_ssl_credentials_verify_certificate (SoupSSLCredentials *creds,
GTlsCertificate *cert,
- GTlsCertificateFlags errors)
+ GTlsCertificateFlags errors,
+ gboolean *ca_in_creds)
{
errors = errors & creds->validation_flags;
+ *ca_in_creds = FALSE;
if (errors & G_TLS_CERTIFICATE_UNKNOWN_CA) {
GList *ca;
for (ca = creds->ca_list; ca; ca = ca->next) {
if ((g_tls_certificate_verify (cert, NULL, ca->data) & G_TLS_CERTIFICATE_UNKNOWN_CA) == 0) {
errors &= ~G_TLS_CERTIFICATE_UNKNOWN_CA;
+ *ca_in_creds = TRUE;
break;
}
}
void soup_ssl_free_client_credentials (SoupSSLCredentials *creds);
gboolean soup_ssl_credentials_verify_certificate (SoupSSLCredentials *creds,
GTlsCertificate *cert,
- GTlsCertificateFlags errors);
+ GTlsCertificateFlags errors,
+ gboolean *ca_in_creds);
SoupSSLCredentials *soup_ssl_get_server_credentials (const char *cert_file,
const char *key_file);
projects / platform / upstream / libsoup.git / commitdiff