summaryrefslogtreecommitdiff
path: root/src/gmrequest.c
diff options
context:
space:
mode:
authorJaakko Keränen <jaakko.keranen@iki.fi>2021-03-02 13:05:02 +0200
committerJaakko Keränen <jaakko.keranen@iki.fi>2021-03-02 13:05:02 +0200
commitf992ba117fe420a7231f005e62627380689d57ab (patch)
treecd8310f3deafb78f910832aaf47b2ff7ac98aa05 /src/gmrequest.c
parentff52105505dfa74fc93016aace904a1f1e86b570 (diff)
Server certificates may also be verified by CAs
If the CA file/path are configured in preferences, trust CA verification over manual TOFU checks.
Diffstat (limited to 'src/gmrequest.c')
-rw-r--r--src/gmrequest.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/gmrequest.c b/src/gmrequest.c
index 0208dc94..ea0a2d80 100644
--- a/src/gmrequest.c
+++ b/src/gmrequest.c
@@ -163,6 +163,9 @@ static void checkServerCertificate_GmRequest_(iGmRequest *d) {
163 if (checkTrust_GmCerts(d->certs, domain, cert)) { 163 if (checkTrust_GmCerts(d->certs, domain, cert)) {
164 resp->certFlags |= trusted_GmCertFlag; 164 resp->certFlags |= trusted_GmCertFlag;
165 } 165 }
166 if (verify_TlsCertificate(cert) == authority_TlsCertificateVerifyStatus) {
167 resp->certFlags |= authorityVerified_GmCertFlag;
168 }
166 validUntil_TlsCertificate(cert, &resp->certValidUntil); 169 validUntil_TlsCertificate(cert, &resp->certValidUntil);
167 set_String(&resp->certSubject, collect_String(subject_TlsCertificate(cert))); 170 set_String(&resp->certSubject, collect_String(subject_TlsCertificate(cert)));
168 } 171 }
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-17 13:52:49 +0000