SoupMessage: fix setting of SOUP_MESSAGE_CERTIFICATE_TRUSTED flag

It was accidentally getting cleared at the wrong time (although the
tls-certificate and tls-errors properties were still correct).

Also add a test for this case.

https://bugzilla.gnome.org/show_bug.cgi?id=665182

diff --git a/libsoup/soup-message.c b/libsoup/soup-message.c
index dea3748..dc99f38 100644 (file)
--- a/libsoup/soup-message.c
+++ b/libsoup/soup-message.c
@@ -750,7 +750,9 @@ set_property (GObject *object, guint prop_id,
                if (priv->tls_certificate)
                        g_object_unref (priv->tls_certificate);
                priv->tls_certificate = g_value_dup_object (value);
-               if (priv->tls_certificate && !priv->tls_errors)
+               if (priv->tls_errors)
+                       priv->msg_flags &= ~SOUP_MESSAGE_CERTIFICATE_TRUSTED;
+               else if (priv->tls_certificate)
                        priv->msg_flags |= SOUP_MESSAGE_CERTIFICATE_TRUSTED;
                break;
        case PROP_TLS_ERRORS:
@@ -1394,7 +1396,6 @@ soup_message_cleanup_response (SoupMessage *req)
                priv->decoders = g_slist_delete_link (priv->decoders, priv->decoders);
        }
        priv->msg_flags &= ~SOUP_MESSAGE_CONTENT_DECODED;
-       priv->msg_flags &= ~SOUP_MESSAGE_CERTIFICATE_TRUSTED;
 
        req->status_code = SOUP_STATUS_NONE;
        if (req->reason_phrase) {

diff --git a/tests/ssl-test.c b/tests/ssl-test.c
index 37e746e..0308254 100644 (file)
--- a/tests/ssl-test.c
+++ b/tests/ssl-test.c
@@ -35,6 +35,10 @@ do_properties_test_for_session (SoupSession *session, char *uri)
                debug_printf (1, "    Response not https\n");
                errors++;
        }
+       if (soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
+               debug_printf (1, "    CERTIFICATE_TRUSTED set?\n");
+               errors++;
+       }
 
        g_object_unref (msg);
 }
@@ -98,7 +102,18 @@ do_one_strict_test (SoupSession *session, char *uri,
                        debug_printf (1, "              tls error flags: 0x%x\n", flags);
                }
                errors++;
+       } else if (with_ca_list && SOUP_STATUS_IS_SUCCESSFUL (msg->status_code)) {
+               if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)) {
+                       debug_printf (1, "    CERTIFICATE_TRUSTED not set?\n");
+                       errors++;
+               }
+       } else {
+               if (with_ca_list && soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
+                       debug_printf (1, "    CERTIFICATE_TRUSTED set?\n");
+                       errors++;
+               }
        }
+
        g_object_unref (msg);
 }