Allow use of system TAs to be disabled via TLSOptions

Add new boolean flag to TLSOptions which when set to true prevents system Trust Anchors being loaded into new TLS contexts created using OpenSSL. Add new test to Swiften QA with appropriate comment. JIRA: SWIFT-425 Test-information: Checked logic of change under debugger while running the tests in CertificateTest.cpp which create TLS contexts. Change-Id: I2d4a8410ce9cc752e6774e1d1cdb84dcd37b01d7
author: Tim Costen <tim.costen@isode.com> 2019-10-28 11:15:57 (GMT)
committer: Tim Costen <tim.costen@isode.com> 2019-10-29 11:35:05 (GMT)
commit: be7632881677da5267eb711c1f2823ac82d43d09 (patch)
tree: 9088f5433f24017a4729becf03a0ca871b71a90f /Swiften/TLS/TLSOptions.h
parent: 8e0a9cd6a608ee2bf83b52c9eb9ac556bf10293f (diff)
download: swift-be7632881677da5267eb711c1f2823ac82d43d09.zip
swift-be7632881677da5267eb711c1f2823ac82d43d09.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/Swiften/TLS/TLSOptions.h b/Swiften/TLS/TLSOptions.h
index 4109096..e3faaf9 100644
--- a/Swiften/TLS/TLSOptions.h
+++ b/Swiften/TLS/TLSOptions.h
@@ -68,5 +68,10 @@ namespace Swift {
          * Allows specification of application-specific Trust Anchors
          */
         boost::optional<std::vector<std::shared_ptr<Certificate>>> trustAnchors;
+
+        /**
+         * Turns off automatic loading of system Trust Anchors
+         */
+        bool ignoreSystemTrustAnchors = false;
     };
 }
author	Tim Costen <tim.costen@isode.com>	2019-10-28 11:15:57 (GMT)
committer	Tim Costen <tim.costen@isode.com>	2019-10-29 11:35:05 (GMT)
commit	be7632881677da5267eb711c1f2823ac82d43d09 (patch)
tree	9088f5433f24017a4729becf03a0ca871b71a90f /Swiften/TLS/TLSOptions.h
parent	8e0a9cd6a608ee2bf83b52c9eb9ac556bf10293f (diff)
download	swift-be7632881677da5267eb711c1f2823ac82d43d09.zip swift-be7632881677da5267eb711c1f2823ac82d43d09.tar.bz2