From fc736b89e2fdb8f2673bd289535636ef91d3871d Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Tue, 30 Jun 2015 16:21:10 -0700
Subject: [PATCH] CRM-16757 - Use customized CertificateValidator

---
 CRM/Cxn/BAO/Cxn.php | 17 ++++++++++++++++-
 api/v3/CxnApp.php   |  3 ++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/CRM/Cxn/BAO/Cxn.php b/CRM/Cxn/BAO/Cxn.php
index f41cb576c0..4e8a690f6d 100644
--- a/CRM/Cxn/BAO/Cxn.php
+++ b/CRM/Cxn/BAO/Cxn.php
@@ -161,8 +161,9 @@ class CRM_Cxn_BAO_Cxn extends CRM_Cxn_DAO_Cxn {
    */
   public static function createRegistrationClient() {
     $cxnStore = new \CRM_Cxn_CiviCxnStore();
-    $client = new \Civi\Cxn\Rpc\RegistrationClient(self::getCACert(), $cxnStore, \CRM_Cxn_BAO_Cxn::getSiteCallbackUrl());
+    $client = new \Civi\Cxn\Rpc\RegistrationClient($cxnStore, \CRM_Cxn_BAO_Cxn::getSiteCallbackUrl());
     $client->setLog(new \CRM_Utils_SystemLogger());
+    $client->setCertValidator(self::createCertificateValidator());
     return $client;
   }
 
@@ -175,8 +176,22 @@ class CRM_Cxn_BAO_Cxn extends CRM_Cxn_DAO_Cxn {
     $cxnStore = new CRM_Cxn_CiviCxnStore();
     $apiServer = new \Civi\Cxn\Rpc\ApiServer($cxnStore);
     $apiServer->setLog(new CRM_Utils_SystemLogger());
+    $apiServer->setCertValidator(self::createCertificateValidator());
     $apiServer->setRouter(array('CRM_Cxn_ApiRouter', 'route'));
     return $apiServer;
   }
 
+  /**
+   * @return \Civi\Cxn\Rpc\CertificateValidatorInterface
+   * @throws CRM_Core_Exception
+   */
+  public static function createCertificateValidator() {
+    $caCert = self::getCACert();
+    if ($caCert === NULL) {
+      return new \Civi\Cxn\Rpc\DefaultCertificateValidator(NULL, NULL, NULL);
+    }
+    else {
+      return new \Civi\Cxn\Rpc\DefaultCertificateValidator($caCert);
+    }
+  }
 }
diff --git a/api/v3/CxnApp.php b/api/v3/CxnApp.php
index be10d3b82e..5f7afd6a41 100644
--- a/api/v3/CxnApp.php
+++ b/api/v3/CxnApp.php
@@ -104,7 +104,8 @@ function civicrm_api3_cxn_app_get($params) {
     throw new API_Exception("Failed to download application list.");
   }
 
-  $agent = new \Civi\Cxn\Rpc\Agent(CRM_Cxn_BAO_Cxn::getCACert(), NULL, NULL);
+  $agent = new \Civi\Cxn\Rpc\Agent(NULL, NULL);
+  $agent->setCertValidator(CRM_Cxn_BAO_Cxn::createCertificateValidator());
   $message = $agent->decode(array(AppMetasMessage::NAME, GarbledMessage::NAME), $blob);
 
   if ($message instanceof AppMetasMessage) {
-- 
2.25.1