From 81a55052707d460a7f437b664682817c2c99dce6 Mon Sep 17 00:00:00 2001
From: fiaxh
Date: Thu, 31 Dec 2020 19:00:54 +0100
Subject: Allow certificates from unknown CAs from .onion domains

It's barely possible for .onion servers to provide a non-self-signed cert. But that's fine because encryption is provided independently though TOR. see #958
---
 xmpp-vala/src/core/stream_connect.vala | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'xmpp-vala/src/core/stream_connect.vala')
diff --git a/xmpp-vala/src/core/stream_connect.vala b/xmpp-vala/src/core/stream_connect.vala
index a7615e9f..9a3dac76 100644
--- a/xmpp-vala/src/core/stream_connect.vala
+++ b/xmpp-vala/src/core/stream_connect.vala
@@ -8,12 +8,12 @@ namespace Xmpp {
 }
 public class XmppStreamResult {
- public XmppStream? stream { get; set; }
+ public TlsXmppStream? stream { get; set; }
 public TlsCertificateFlags? tls_errors { get; set; }
 public IOStreamError? io_error { get; set; }
 }
- public async XmppStreamResult establish_stream(Jid bare_jid, Gee.List modules, string? log_options) {
+ public async XmppStreamResult establish_stream(Jid bare_jid, Gee.List modules, string? log_options, TlsXmppStream.OnInvalidCert on_invalid_cert) {
 Jid remote = bare_jid.domain_jid;
 //Lookup xmpp-client and xmpps-client SRV records
@@ -58,9 +58,9 @@ namespace Xmpp {
 foreach (SrvTargetInfo target in targets) {
 try {
 if (target.service == "xmpp-client") {
- stream = new StartTlsXmppStream(remote, target.host, target.port);
+ stream = new StartTlsXmppStream(remote, target.host, target.port, on_invalid_cert);
 } else {
- stream = new DirectTlsXmppStream(remote, target.host, target.port);
+ stream = new DirectTlsXmppStream(remote, target.host, target.port, on_invalid_cert);
 }
 stream.log = new XmppLog(bare_jid.to_string(), log_options);
--
cgit v1.2.3-54-g00ecf
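Review bot: The new `on_invalid_cert` argument of `establish_stream` (first hunk) decides whether a connection survives a failed certificate check, but the signature gains it without any doc comment stating its contract. I would add a Valadoc block above the function describing when the delegate is consulted and what its result means, and stating that a caller relaxing validation for .onion hosts should tolerate only the unknown-CA flag and should base the decision on the JID domain (`remote`) rather than on `target.host`. In the second hunk both constructors receive `target.host` from the SRV lookup alongside the callback, so a policy keyed on that value would presumably depend on unauthenticated DNS data; the delegate's definition is outside this file, so this needs confirming there. The body of `establish_stream` continues outside both hunks.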