Add verify argument to ssl_connect() so HTTPS-based stuff is also secure.

(Think of Twitter, but also MSN/Yahoo! authentication.)
author: Wilmer van der Gaast <wilmer@gaast.net> 2011-12-19 18:57:20 +0100
committer: Wilmer van der Gaast <wilmer@gaast.net> 2011-12-19 18:57:20 +0100
commit: a72dc2bb447e754295f8efc6f44fc6572f0f8511 (patch)
tree: 3cd1c6bdc1630cd571740b74b3f1e51dd976fa40 /lib/ssl_gnutls.c
parent: 25b05b75be1acdd4c96a301839be525809f35a47 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/ssl_gnutls.c b/lib/ssl_gnutls.c
index 3ecc6eee..b4bc72d5 100644
--- a/lib/ssl_gnutls.c
+++ b/lib/ssl_gnutls.c
@@ -77,7 +77,7 @@ void ssl_init( void )
 	atexit( gnutls_global_deinit );
 }
 
-void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data )
+void *ssl_connect( char *host, int port, gboolean verify, ssl_input_function func, gpointer data )
 {
 	struct scd *conn = g_new0( struct scd, 1 );
 	
@@ -85,6 +85,8 @@ void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data
 	conn->func = func;
 	conn->data = data;
 	conn->inpa = -1;
+	conn->hostname = g_strdup( host );
+	conn->verify = verify && global.conf->cafile;
 	
 	if( conn->fd < 0 )
 	{
author	Wilmer van der Gaast <wilmer@gaast.net>	2011-12-19 18:57:20 +0100
committer	Wilmer van der Gaast <wilmer@gaast.net>	2011-12-19 18:57:20 +0100
commit	a72dc2bb447e754295f8efc6f44fc6572f0f8511 (patch)
tree	3cd1c6bdc1630cd571740b74b3f1e51dd976fa40 /lib/ssl_gnutls.c
parent	25b05b75be1acdd4c96a301839be525809f35a47 (diff)