Merge pull request #63 from achilleasa/support-registration-of-bad-ce…

…rt-handler

Support registration of bad cert handler

lib/src/client/connection_settings.dart

@@ -30,6 +30,7 @@ class ConnectionSettings {
 
   // TLS settings (if TLS connection is required)
   SecurityContext? tlsContext;
+  bool Function(X509Certificate)? onBadCertificate;
 
   ConnectionSettings({
     this.host = "127.0.0.1",
@@ -40,5 +41,6 @@ class ConnectionSettings {
     this.reconnectWaitTime = const Duration(milliseconds: 1500),
     TuningSettings? tuningSettings,
     this.tlsContext,
+    this.onBadCertificate,
   }) : tuningSettings = tuningSettings ?? TuningSettings();
 }

lib/src/client/impl/client_impl.dart

@@ -43,6 +43,7 @@ class _ClientImpl implements Client {
         settings.host,
         settings.port,
         context: settings.tlsContext,
+        onBadCertificate: settings.onBadCertificate,
       );
     } else {
       connectionLogger.info(

test/lib/client_test.dart

@@ -136,5 +136,24 @@ main({bool enableLogger = true}) {
       client = Client(settings: settings);
       await client.connect();
     });
+
+    test("bad certificate handler", () async {
+      Completer testCompleter = Completer();
+
+      SecurityContext ctx = SecurityContext(withTrustedRoots: true);
+      ConnectionSettings settings = ConnectionSettings(
+          port: 5671,
+          tlsContext: ctx,
+          onBadCertificate: (X509Certificate cert) {
+            print(
+                " [x] onBadCertificate: allowing TLS connection to be established even though we cannot verify the certificate");
+            testCompleter.complete();
+            return true; // allow connection to proceed
+          });
+      client = Client(settings: settings);
+      await client.connect();
+
+      return testCompleter.future;
+    });
   }, skip: skipTLSTests);
 }