RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 09:37:34 +00:00
Code Issues Activity Actions

LibTLS: Add option to allow self-signed certificates

Browse source 
With this option enabled self-signed certificates will be accepted,
eventhough they cannot be verified.
This commit is contained in:
Michiel Visser 2022-02-23 18:21:21 +01:00 committed by Ali Mohammad Pur
parent 804af863b4
commit 7bc3b193c0
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Userland/Libraries/LibTLS/TLSv12.cpp
View file

@ -283,7 +283,7 @@ bool Context::verify_chain(StringView host) const
} else { } else {
if (subject_string == issuer_string) { if (subject_string == issuer_string) {
dbgln("verify_chain: Non-root self-signed certificate"); dbgln("verify_chain: Non-root self-signed certificate");
return false; return options.allow_self_signed_certificates;
} }
if ((cert_index + 1) >= local_chain->size()) { if ((cert_index + 1) >= local_chain->size()) {
dbgln("verify_chain: No trusted root certificate found before end of certificate chain"); dbgln("verify_chain: No trusted root certificate found before end of certificate chain");

1
Userland/Libraries/LibTLS/TLSv12.h
View file

@ -252,6 +252,7 @@ struct Options {
OPTION_WITH_DEFAULTS(bool, use_sni, true) OPTION_WITH_DEFAULTS(bool, use_sni, true)
OPTION_WITH_DEFAULTS(bool, use_compression, false) OPTION_WITH_DEFAULTS(bool, use_compression, false)
OPTION_WITH_DEFAULTS(bool, validate_certificates, true) OPTION_WITH_DEFAULTS(bool, validate_certificates, true)
OPTION_WITH_DEFAULTS(bool, allow_self_signed_certificates, false)
OPTION_WITH_DEFAULTS(Optional<Vector<Certificate>>, root_certificates, ) OPTION_WITH_DEFAULTS(Optional<Vector<Certificate>>, root_certificates, )
OPTION_WITH_DEFAULTS(Function<void(AlertDescription)>, alert_handler, [](auto) {}) OPTION_WITH_DEFAULTS(Function<void(AlertDescription)>, alert_handler, [](auto) {})
OPTION_WITH_DEFAULTS(Function<void()>, finish_callback, [] {}) OPTION_WITH_DEFAULTS(Function<void()>, finish_callback, [] {})