From 3afd061b713ce5fff604dee62dec8410a1de6a9c Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Mon, 1 Feb 2016 17:23:59 +0100
Subject: Disable certificate revocation checking in OS X TLS backend

Default to disabled certificate revocation checking for
SecureTransport TLS backend on OS X. SecureTransport internal
revocation checking machine is not very stable and sometimes
fails reporting a positive revocation check leading to bad
UX.

Test-Information:

Swift login still works and ./scons test=system pass on OS X
10.11.3.

Change-Id: I298ccca4ecab07af5517fe393fdb887d79d70bf1

diff --git a/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp b/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp
index eb761e9..ce19839 100644
--- a/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp
+++ b/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015 Isode Limited.
+ * Copyright (c) 2015-2016 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -11,7 +11,10 @@
 
 namespace Swift {
 
-SecureTransportContextFactory::SecureTransportContextFactory() : checkCertificateRevocation_(true), disconnectOnCardRemoval_(true) {
+// Default to disabled revocation checking as SecureTransport API is missing
+// methods for detailed revocation checking configuration which are needed for
+// good UX.
+SecureTransportContextFactory::SecureTransportContextFactory() : checkCertificateRevocation_(false), disconnectOnCardRemoval_(true) {
 
 }
 
-- 
cgit v0.10.2-6-g49f6