summaryrefslogtreecommitdiff
path: root/src/network/tcp_socket_handler.cpp
diff options
context:
space:
mode:
authorRomain DEP <rom1dep@gmail.com>2018-07-21 20:27:49 +0200
committerlouiz’ <louiz@louiz.org>2018-07-22 14:38:51 +0200
commit85288fd0b31027e7948180e0e057242e13f15da4 (patch)
tree3de9cd42529497b9289fa87f114da17aac6edafd /src/network/tcp_socket_handler.cpp
parent458ea53db3edc7318e88a2612baa793a1232cc75 (diff)
downloadbiboumi-85288fd0b31027e7948180e0e057242e13f15da4.tar.gz
biboumi-85288fd0b31027e7948180e0e057242e13f15da4.tar.bz2
biboumi-85288fd0b31027e7948180e0e057242e13f15da4.tar.xz
biboumi-85288fd0b31027e7948180e0e057242e13f15da4.zip
add 'verify_certificate' as possible configuration token for policy files
This lets the user configure a per-domain certificate validation policy
Diffstat (limited to 'src/network/tcp_socket_handler.cpp')
-rw-r--r--src/network/tcp_socket_handler.cpp5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp
index 642cf03..c6e173d 100644
--- a/src/network/tcp_socket_handler.cpp
+++ b/src/network/tcp_socket_handler.cpp
@@ -332,6 +332,11 @@ void TCPSocketHandler::tls_verify_cert_chain(const std::vector<Botan::X509_Certi
Botan::Usage_Type usage, const std::string& hostname,
const Botan::TLS::Policy& policy)
{
+ if (!this->policy.verify_certificate_info())
+ {
+ log_debug("Not verifying certificate due to domain policy ");
+ return;
+ }
log_debug("Checking remote certificate for hostname ", hostname);
try
{