diff options
author | Mikhail Zabaluev <mikhail.zabaluev@nokia.com> | 2011-05-20 16:25:42 +0300 |
---|---|---|
committer | Mikhail Zabaluev <mikhail.zabaluev@nokia.com> | 2011-05-20 16:25:42 +0300 |
commit | 01d10bf1deca680b64592314a009ecccacdb1d9d (patch) | |
tree | 1d77f59ff14cbe719338bed28685fa926746a286 /src | |
parent | c63db60141b7330cca797e601e2f1d39343191fd (diff) |
Added connection parameter "ignore-tls-errors"
The client should be able to circumvent the newly strict behavior, if
they don't care about the security of their connection.
Diffstat (limited to 'src')
-rw-r--r-- | src/sip-connection-manager.c | 10 | ||||
-rw-r--r-- | src/sip-connection-private.h | 1 | ||||
-rw-r--r-- | src/sip-connection.c | 16 |
3 files changed, 26 insertions, 1 deletions
diff --git a/src/sip-connection-manager.c b/src/sip-connection-manager.c index 34ca30f..2da4fe0 100644 --- a/src/sip-connection-manager.c +++ b/src/sip-connection-manager.c @@ -71,6 +71,7 @@ typedef struct { guint local_port; gchar *extra_auth_user; gchar *extra_auth_password; + gboolean ignore_tls_errors; } TpsipConnParams; static void * @@ -121,6 +122,7 @@ enum { TPSIP_CONN_PARAM_LOCAL_PORT, TPSIP_CONN_PARAM_EXTRA_AUTH_USER, TPSIP_CONN_PARAM_EXTRA_AUTH_PASSWORD, + TPSIP_CONN_PARAM_IGNORE_TLS_ERRORS, N_TPSIP_CONN_PARAMS }; @@ -200,6 +202,10 @@ static const TpCMParamSpec tpsip_params[] = { { "extra-auth-password", DBUS_TYPE_STRING_AS_STRING, G_TYPE_STRING, TP_CONN_MGR_PARAM_FLAG_SECRET, NULL, G_STRUCT_OFFSET (TpsipConnParams, extra_auth_password) }, + /* If true, TLS validation errors will be ignored */ + { "ignore-tls-errors", DBUS_TYPE_BOOLEAN_AS_STRING, G_TYPE_BOOLEAN, + TP_CONN_MGR_PARAM_FLAG_HAS_DEFAULT, GUINT_TO_POINTER(FALSE), + G_STRUCT_OFFSET (TpsipConnParams, ignore_tls_errors) }, { NULL, NULL, 0, 0, NULL, 0 } }; @@ -549,5 +555,9 @@ tpsip_connection_manager_new_connection (TpBaseConnectionManager *base, SET_PROPERTY_IF_PARAM_SET ("extra-auth-password", TPSIP_CONN_PARAM_EXTRA_AUTH_PASSWORD, params->extra_auth_password); + SET_PROPERTY_IF_PARAM_SET ("ignore-tls-errors", + TPSIP_CONN_PARAM_IGNORE_TLS_ERRORS, + params->ignore_tls_errors); + return connection; } diff --git a/src/sip-connection-private.h b/src/sip-connection-private.h index 6a7efcf..f79fa93 100644 --- a/src/sip-connection-private.h +++ b/src/sip-connection-private.h @@ -69,6 +69,7 @@ struct _TpsipConnectionPrivate gboolean loose_routing; gboolean discover_binding; gboolean immutable_streams; + gboolean ignore_tls_errors; gboolean keepalive_interval_specified; diff --git a/src/sip-connection.c b/src/sip-connection.c index 3651f13..9ad8fff 100644 --- a/src/sip-connection.c +++ b/src/sip-connection.c @@ -103,6 +103,7 @@ enum PROP_LOCAL_PORT, /**< Local port for SIP (normally not needed, chosen by stack) */ PROP_EXTRA_AUTH_USER, /**< User name to use for extra authentication challenges */ PROP_EXTRA_AUTH_PASSWORD,/**< Password to use for extra authentication challenges */ + PROP_IGNORE_TLS_ERRORS, /**< If true, TLS errors will be ignored */ PROP_SOFIA_ROOT, /**< Event root pointer from the Sofia-SIP stack */ LAST_PROPERTY }; @@ -304,6 +305,9 @@ tpsip_connection_set_property (GObject *object, priv->extra_auth_password = g_value_dup_string (value); break; } + case PROP_IGNORE_TLS_ERRORS: + priv->ignore_tls_errors = g_value_get_boolean (value); + break; case PROP_SOFIA_ROOT: { priv->sofia_root = g_value_get_pointer (value); break; @@ -393,6 +397,9 @@ tpsip_connection_get_property (GObject *object, g_value_set_uint (value, priv->local_port); break; } + case PROP_IGNORE_TLS_ERRORS: + g_value_set_boolean (value, priv->ignore_tls_errors); + break; case PROP_SOFIA_ROOT: { g_value_set_pointer (value, priv->sofia_root); break; @@ -585,6 +592,12 @@ tpsip_connection_class_init (TpsipConnectionClass *klass) G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); INST_PROP(PROP_EXTRA_AUTH_PASSWORD); + param_spec = g_param_spec_boolean ("ignore-tls-errors", "Ignore TLS errors", + "If true, the TLS verification errors will be ignored", + FALSE, + G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); + INST_PROP(PROP_IGNORE_TLS_ERRORS); + #undef INST_PROP tp_dbus_properties_mixin_class_init (object_class, @@ -930,7 +943,8 @@ tpsip_connection_start_connecting (TpBaseConnection *base, NUTAG_AUTOANSWER(0), NUTAG_APPL_METHOD("MESSAGE"), SIPTAG_ALLOW_STR("INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, UPDATE"), - TPTAG_TLS_VERIFY_POLICY(TPTLS_VERIFY_ALL), + TAG_IF(!priv->ignore_tls_errors, + TPTAG_TLS_VERIFY_POLICY(TPTLS_VERIFY_ALL)), TAG_NULL()); if (priv->sofia_nua == NULL) { |