summaryrefslogtreecommitdiff
path: root/debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch')
-rw-r--r--debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch39
1 files changed, 39 insertions, 0 deletions
diff --git a/debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch b/debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch
new file mode 100644
index 0000000..df24283
--- /dev/null
+++ b/debian/patches/0502-Have-all-soup-sessions-validate-TLS-certificates.patch
@@ -0,0 +1,39 @@
+From ac6efab13554d1ef39eb8b86744234d72773c2da Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@igalia.com>
+Date: Fri, 4 Dec 2015 17:34:17 +0100
+Subject: [PATCH] Have all soup sessions validate TLS certificates
+
+Note that this commit is *not* sufficient to fix certificate verification
+on its own. The port to WK2 is also required, else WebKit's soup session
+will not verify certificates.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=751709
+---
+ plugins/common/RESTSupport.vala | 1 +
+ plugins/shotwell-publishing/FacebookPublishing.vala | 1 +
+ 2 files changed, 2 insertions(+)
+
+Index: trunk/plugins/common/RESTSupport.vala
+===================================================================
+--- trunk.orig/plugins/common/RESTSupport.vala
++++ trunk/plugins/common/RESTSupport.vala
+@@ -20,6 +20,7 @@ public abstract class Session {
+ public Session(string? endpoint_url = null) {
+ this.endpoint_url = endpoint_url;
+ soup_session = new Soup.SessionAsync();
++ this.soup_session.ssl_use_system_ca_file = true;
+ }
+
+ protected void notify_wire_message_unqueued(Soup.Message message) {
+Index: trunk/plugins/shotwell-publishing/FacebookPublishing.vala
+===================================================================
+--- trunk.orig/plugins/shotwell-publishing/FacebookPublishing.vala
++++ trunk/plugins/shotwell-publishing/FacebookPublishing.vala
+@@ -1473,6 +1473,7 @@ internal class GraphSession {
+ this.soup_session.timeout = 15;
+ this.access_token = null;
+ this.current_message = null;
++ this.soup_session.ssl_use_system_ca_file = true;
+ }
+
+ ~GraphSession() {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 13:03:30 +0000