diff options
| author | fiaxh <git@lightrise.org> | 2020-12-31 19:00:54 +0100 |
|---|---|---|
| committer | fiaxh <git@lightrise.org> | 2020-12-31 19:04:02 +0100 |
| commit | 81a55052707d460a7f437b664682817c2c99dce6 (patch) | |
| tree | 0d2b184a98d5a62d47beb2a4a09a13a4ea6e12a4 /libdino/src/service/registration.vala | |
| parent | 99e98ac8d97296b0a34351d3bc8b155b0c8fc6db (diff) | |
| download | dino-81a55052707d460a7f437b664682817c2c99dce6.tar.gz dino-81a55052707d460a7f437b664682817c2c99dce6.zip | |
Allow certificates from unknown CAs from .onion domains
It's barely possible for .onion servers to provide a non-self-signed cert. But that's fine because encryption is provided independently though TOR.
see #958
Diffstat (limited to 'libdino/src/service/registration.vala')
| -rw-r--r-- | libdino/src/service/registration.vala | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/libdino/src/service/registration.vala b/libdino/src/service/registration.vala index b4377b98..dc9ed95c 100644 --- a/libdino/src/service/registration.vala +++ b/libdino/src/service/registration.vala @@ -29,7 +29,9 @@ public class Register : StreamInteractionModule, Object{ list.add(new Iq.Module()); list.add(new Sasl.Module(account.bare_jid.to_string(), account.password)); - XmppStreamResult stream_result = yield Xmpp.establish_stream(account.bare_jid.domain_jid, list, Application.print_xmpp); + XmppStreamResult stream_result = yield Xmpp.establish_stream(account.bare_jid.domain_jid, list, Application.print_xmpp, + (_, peer_cert, errors) => { return ConnectionManager.on_invalid_certificate(account.domainpart, peer_cert, errors); } + ); if (stream_result.stream == null) { if (stream_result.tls_errors != null) { @@ -80,7 +82,9 @@ public class Register : StreamInteractionModule, Object{ Gee.List<XmppStreamModule> list = new ArrayList<XmppStreamModule>(); list.add(new Iq.Module()); - XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp); + XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp, + (_, peer_cert, errors) => { return ConnectionManager.on_invalid_certificate(jid.domainpart, peer_cert, errors); } + ); if (stream_result.stream == null) { if (stream_result.io_error != null) { @@ -125,7 +129,9 @@ public class Register : StreamInteractionModule, Object{ list.add(new Iq.Module()); list.add(new Xep.InBandRegistration.Module()); - XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp); + XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp, + (_, peer_cert, errors) => { return ConnectionManager.on_invalid_certificate(jid.domainpart, peer_cert, errors); } + ); if (stream_result.stream == null) { return null; @@ -169,7 +175,9 @@ public class Register : StreamInteractionModule, Object{ list.add(new Iq.Module()); list.add(new Xep.InBandRegistration.Module()); - XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp); + XmppStreamResult stream_result = yield Xmpp.establish_stream(jid.domain_jid, list, Application.print_xmpp, + (_, peer_cert, errors) => { return ConnectionManager.on_invalid_certificate(jid.domainpart, peer_cert, errors); } + ); if (stream_result.stream == null) { return null; |