From 25b9e637c77c31d07c10f2cead00b2d1d83cdeb4 Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Wed, 18 Sep 2019 21:00:54 +0900 Subject: [PATCH] Handle self-signed error (X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) DF190917-00911 DF190917-00912 Change-Id: Icb2e921989ce45d7e3c2a2da2523ba92714ccb75 --- meson.build | 6 ++++++ meson_options.txt | 1 + packaging/glib-networking.spec | 2 +- tls/openssl/gtlscertificate-openssl.c | 3 +++ 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/meson.build b/meson.build index cf2241e..d3d5642 100644 --- a/meson.build +++ b/meson.build @@ -27,6 +27,11 @@ if get_option('default_ca_file') != '' config_h.set_quoted('TIZEN_DEFAULT_CA_FILE', get_option('default_ca_file')) endif +# TIZEN extension +if get_option('tizen_ext') + config_h.set('TIZEN_EXT', get_option('tizen_ext')) +endif + # compiler flags common_flags = [ '-DHAVE_CONFIG_H', @@ -200,4 +205,5 @@ output += ' openssl support: ' + backends.contains('openssl').to_string() + output += ' libproxy support: ' + libproxy_dep.found().to_string() + '\n' output += ' GNOME proxy support: ' + gsettings_desktop_schemas_dep.found().to_string() + '\n' output += ' TIZEN default CA file: ' + get_option('default_ca_file') + '\n' +output += ' TIZEN extension: ' + get_option('tizen_ext').to_string() + '\n' message(output) diff --git a/meson_options.txt b/meson_options.txt index dab9617..cab6d48 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -5,3 +5,4 @@ option('gnome_proxy', type: 'feature', value: 'auto', description: 'support for option('installed_tests', type: 'boolean', value: false, description: 'enable installed tests') option('static_modules', type: 'boolean', value: false, description: 'build static modules') option('default_ca_file', type: 'string', value: '', description: 'set default CA file') +option('tizen_ext', type: 'boolean', value: false, description: 'enable TIZEN extension') diff --git a/packaging/glib-networking.spec b/packaging/glib-networking.spec index 71e5a1a..1c9ee9a 100755 --- a/packaging/glib-networking.spec +++ b/packaging/glib-networking.spec @@ -36,7 +36,7 @@ Currently, there is only a proxy module based on libproxy. cp %{SOURCE1001} . %build -meson --prefix /usr/ --libdir %{_libdir} build -Dstatic_modules=false -Dgnutls=disabled -Dopenssl=enabled -Ddefault_ca_file=%{TZ_SYS_RO_CA_BUNDLE} +meson --prefix /usr/ --libdir %{_libdir} build -Dstatic_modules=false -Dgnutls=disabled -Dopenssl=enabled -Ddefault_ca_file=%{TZ_SYS_RO_CA_BUNDLE} -Dtizen_ext=true ninja -C build all %install diff --git a/tls/openssl/gtlscertificate-openssl.c b/tls/openssl/gtlscertificate-openssl.c index 83e6e28..3472cd9 100644 --- a/tls/openssl/gtlscertificate-openssl.c +++ b/tls/openssl/gtlscertificate-openssl.c @@ -587,6 +587,9 @@ g_tls_certificate_openssl_convert_error (guint openssl_error) break; case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: +#ifdef TIZEN_EXT + case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: +#endif gtls_flags = G_TLS_CERTIFICATE_UNKNOWN_CA; break; default: -- 2.7.4