diff options
author | fiaxh <git@lightrise.org> | 2020-12-31 19:00:54 +0100 |
---|---|---|
committer | fiaxh <git@lightrise.org> | 2020-12-31 19:04:02 +0100 |
commit | 81a55052707d460a7f437b664682817c2c99dce6 (patch) | |
tree | 0d2b184a98d5a62d47beb2a4a09a13a4ea6e12a4 /xmpp-vala/src/core/starttls_xmpp_stream.vala | |
parent | 99e98ac8d97296b0a34351d3bc8b155b0c8fc6db (diff) | |
download | dino-81a55052707d460a7f437b664682817c2c99dce6.tar.gz dino-81a55052707d460a7f437b664682817c2c99dce6.zip |
Allow certificates from unknown CAs from .onion domains
It's barely possible for .onion servers to provide a non-self-signed cert. But that's fine because encryption is provided independently though TOR.
see #958
Diffstat (limited to 'xmpp-vala/src/core/starttls_xmpp_stream.vala')
-rw-r--r-- | xmpp-vala/src/core/starttls_xmpp_stream.vala | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/xmpp-vala/src/core/starttls_xmpp_stream.vala b/xmpp-vala/src/core/starttls_xmpp_stream.vala index 3df0dffb..401d7295 100644 --- a/xmpp-vala/src/core/starttls_xmpp_stream.vala +++ b/xmpp-vala/src/core/starttls_xmpp_stream.vala @@ -4,11 +4,13 @@ public class Xmpp.StartTlsXmppStream : TlsXmppStream { string host; uint16 port; + TlsXmppStream.OnInvalidCert on_invalid_cert_outer; - public StartTlsXmppStream(Jid remote, string host, uint16 port) { - this.remote_name = remote; + public StartTlsXmppStream(Jid remote, string host, uint16 port, TlsXmppStream.OnInvalidCert on_invalid_cert) { + base(remote); this.host = host; this.port = port; + this.on_invalid_cert_outer = on_invalid_cert; } public override async void connect() throws IOStreamError { @@ -40,6 +42,7 @@ public class Xmpp.StartTlsXmppStream : TlsXmppStream { reset_stream(conn); conn.accept_certificate.connect(on_invalid_certificate); + conn.accept_certificate.connect(on_invalid_cert_outer); } catch (Error e) { stderr.printf("Failed to start TLS: %s\n", e.message); } |