On 12/08/2010 04:24 PM, Salvatore Bonaccorso wrote: > ----- Forwarded message from Steffen Ullrich via RT > <bug-io-socket-...@rt.cpan.org> ----- > it's not that simple: > - usually SSL_verify_callback is used together with a valid CA file or > CA path, because one wants to let openssl pre-check the certificate > and only add additional checks (see SSL_set_verify openssl docs), > - if SSL_verifycn_scheme is set there will be an implicite > SSL_verify_callback which checks the name in the certificate > > Because the case, that somebody wants to check the certificate completly > by itself w/o having openssl check the certificate chain, is IMHO > uncommon, I don't change the code for now.
Hrm. i'm doing it with a tool i hope to release later this week, actually [0], so while it might be uncommon, it does happen. What do you suggest i do to make this work? maybe i should do something like: ca_path => '/' ? That seems pretty weird to me. Can you recommend a better way that i can fully disable these checks, or is this the best way? > I think it is safer than risk to not doing certificate checks. What do you think is the risk here? If no trusted root authorities are supplied (by either ca_path or ca_file), but a verify callback is present, that verify callback will simply never see a preverify_ok argument set to 1, right? why is that dangerous? --dkg [0] https://labs.riseup.net/code/issues/2016
signature.asc
Description: OpenPGP digital signature