diff options
Diffstat (limited to 'louloulibs/network')
-rw-r--r-- | louloulibs/network/credentials_manager.cpp | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/louloulibs/network/credentials_manager.cpp b/louloulibs/network/credentials_manager.cpp index d5b0eb3..c5b8493 100644 --- a/louloulibs/network/credentials_manager.cpp +++ b/louloulibs/network/credentials_manager.cpp @@ -81,8 +81,18 @@ void BasicCredentialsManager::load_certs() log_debug("Using ca bundle: " << path); while (!bundle.end_of_data() && bundle.check_available(27)) { - const Botan::X509_Certificate cert(bundle); - BasicCredentialsManager::certificate_store.add_certificate(cert); + // TODO: remove this work-around for Botan 1.11.29 + // https://github.com/randombit/botan/issues/438#issuecomment-192866796 + // Note that every certificate that fails to be transcoded into latin-1 + // will be ignored. As a result, some TLS connection may be refused + // because the certificate is signed by an issuer that was ignored. + try { + const Botan::X509_Certificate cert(bundle); + BasicCredentialsManager::certificate_store.add_certificate(cert); + } catch (const Botan::Decoding_Error& error) + { + continue; + } } // Only use the first file that can successfully be read. goto success; |