LibProtocol+LibGemini+LibHTTP: Provide root certificates to LibTLS

Now we (almost) verify all the sites we browse. Certificate verification failures should not be unexpected, as the existing CA certificates are likely not complete.
author: AnotherTest <ali.mpfard@gmail.com> 2020-10-30 11:57:32 +0330
committer: Andreas Kling <kling@serenityos.org> 2020-10-30 23:42:03 +0100
commit: 812e3eceddc4d968de4ccec1e5d43d3555d1a27b (patch)
tree: a34bf6429f391079b9fe1c640d303a30aa0cb854 /Services/ProtocolServer
parent: 37c089fb7b31d37be302384de4313deea6191c75 (diff)
download: serenity-812e3eceddc4d968de4ccec1e5d43d3555d1a27b.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/Services/ProtocolServer/main.cpp b/Services/ProtocolServer/main.cpp
index df027e45dc..8b4b92a0f7 100644
--- a/Services/ProtocolServer/main.cpp
+++ b/Services/ProtocolServer/main.cpp
@@ -27,6 +27,7 @@
 #include <LibCore/EventLoop.h>
 #include <LibCore/LocalServer.h>
 #include <LibIPC/ClientConnection.h>
+#include <LibTLS/Certificate.h>
 #include <ProtocolServer/ClientConnection.h>
 #include <ProtocolServer/GeminiProtocol.h>
 #include <ProtocolServer/HttpProtocol.h>
@@ -38,6 +39,10 @@ int main(int, char**)
         perror("pledge");
         return 1;
     }
+
+    // Ensure the certificates are read out here.
+    (void)DefaultRootCACertificates::the();
+
     Core::EventLoop event_loop;
     // FIXME: Establish a connection to LookupServer and then drop "unix"?
     if (pledge("stdio inet shared_buffer accept unix", nullptr) < 0) {
author	AnotherTest <ali.mpfard@gmail.com>	2020-10-30 11:57:32 +0330
committer	Andreas Kling <kling@serenityos.org>	2020-10-30 23:42:03 +0100
commit	812e3eceddc4d968de4ccec1e5d43d3555d1a27b (patch)
tree	a34bf6429f391079b9fe1c640d303a30aa0cb854 /Services/ProtocolServer
parent	37c089fb7b31d37be302384de4313deea6191c75 (diff)
download	serenity-812e3eceddc4d968de4ccec1e5d43d3555d1a27b.zip