Add option to trust server's certificate

New tls policy "trust" added to /connect and /account. With the policy TLS connection is established even with invalid certificate. Note, that trust policy forces TLS connection and it fails when server doesn't support TLS. Examples: /connect <jid> tls trust /account <name> set tls trust
author: Dmitry Podgorny <pasis.ua@gmail.com> 2018-11-06 14:01:27 +0200
committer: Dmitry Podgorny <pasis.ua@gmail.com> 2018-11-06 14:09:02 +0200
commit: 7f65aaa9a2ba1e7d9fe182cc18938fa39462e095 (patch)
tree: 7de15c627bd8d52ac34e38da1a23b2aa9216550e /src/xmpp/connection.c
parent: 671849c71152e7cc9272480ecab6d35f92e199ed (diff)
download: profani-tty-7f65aaa9a2ba1e7d9fe182cc18938fa39462e095.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/src/xmpp/connection.c b/src/xmpp/connection.c
index 1d142e3f..2602032d 100644
--- a/src/xmpp/connection.c
+++ b/src/xmpp/connection.c
@@ -150,6 +150,9 @@ connection_connect(const char *const jid, const char *const passwd, const char *
 
     if (!tls_policy || (g_strcmp0(tls_policy, "force") == 0)) {
         xmpp_conn_set_flags(conn.xmpp_conn, XMPP_CONN_FLAG_MANDATORY_TLS);
+    } else if (g_strcmp0(tls_policy, "trust") == 0) {
+        xmpp_conn_set_flags(conn.xmpp_conn, XMPP_CONN_FLAG_MANDATORY_TLS);
+        xmpp_conn_set_flags(conn.xmpp_conn, XMPP_CONN_FLAG_TRUST_TLS);
     } else if (g_strcmp0(tls_policy, "disable") == 0) {
         xmpp_conn_set_flags(conn.xmpp_conn, XMPP_CONN_FLAG_DISABLE_TLS);
     } else if (g_strcmp0(tls_policy, "legacy") == 0) {
author	Dmitry Podgorny <pasis.ua@gmail.com>	2018-11-06 14:01:27 +0200
committer	Dmitry Podgorny <pasis.ua@gmail.com>	2018-11-06 14:09:02 +0200
commit	7f65aaa9a2ba1e7d9fe182cc18938fa39462e095 (patch)
tree	7de15c627bd8d52ac34e38da1a23b2aa9216550e /src/xmpp/connection.c
parent	671849c71152e7cc9272480ecab6d35f92e199ed (diff)
download	profani-tty-7f65aaa9a2ba1e7d9fe182cc18938fa39462e095.tar.gz