Skip to content
GitLab

net: Fix TLS cert validation not being done for any network call

Merged Bastien Nocera requested to merge wip/hadess/tls-verification into master

The default SoupSessionAsync behaviour does not perform any TLS certificate validation, unless the ssl-use-system-ca-file property is set to true.

See https://blogs.gnome.org/mcatanzaro/2021/05/25/reminder-soupsessionsync-and-soupsessionasync-default-to-no-tls-certificate-verification/

This mitigates CVE-2016-20011.

Closes: #146 (closed)

Merge request reports