#3916: Mutt 1.8: TOFU host certificate not working
-----------------------+----------------------
Reporter: kratem32 | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone: 1.8
Component: crypto | Version:
Resolution: | Keywords: tofu
-----------------------+----------------------
Comment (by m-a):
What you call "should not do that" is the normal OpenSSL behaviour, and
you're just used to mutt's older custom behaviour, because OpenSSL assumes
if a certificate closer to the root fails verification, the entire chain
is invalid.
If, OTOH, you accept the root once, it is trusted and since the signatures
themselves are valid, the entire chain is considered verified OK.
In order to get the old behaviour back, mutt would have to add and track a
"please confirm every certificate" marker through the multiple calls to
ssl_verify_callback(), and in this mode it would have to behave as though
preverify_ok were 0 (so as to present the certificate) but still return 1
from ssl_verify_callback() except when someone rejects the host
certificate.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:7>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
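The two callback behaviours described in the comment above, modelled as an added example that is not mutt's code. OpenSSL invokes the verify callback once per certificate, root first and host certificate (depth 0) last, and a return value of 0 at any depth aborts the handshake; this example keeps that calling order but replaces the X509_STORE_CTX with a subject string and the interactive prompt with a hypothetical ask_user() policy, so it builds without OpenSSL. The chain, the tofu_state struct, the MODE_* names and the run_scenario() helper are all constructed for illustration; the "confirm every certificate" mode is read literally from the comment, so only a rejection of the depth-0 certificate fails the handshake.

```c
#include <stdio.h>

/* Hypothetical modes: OpenSSL's default prompt-on-failure behaviour versus the
 * "please confirm every certificate" marker the comment says mutt would need. */
enum { MODE_OPENSSL_DEFAULT = 0, MODE_CONFIRM_EVERY = 1 };

/* Per-connection state carried across the callback invocations; in a real
 * client this would be attached to the SSL object with SSL_set_ex_data(). */
struct tofu_state {
    int mode;                                   /* one of the MODE_* values */
    int host_rejected;                          /* user rejected the depth-0 cert */
    int prompts;                                /* certificates shown to the user */
    int (*ask_user)(const char *subject, int depth, void *ud); /* 1 accept, 0 reject */
    void *ud;
};

/* Decision logic of an ssl_verify_callback(preverify_ok, ctx) body. */
int tofu_verify_decision(struct tofu_state *st, int preverify_ok, int depth,
                         const char *subject)
{
    if (st->mode == MODE_OPENSSL_DEFAULT) {
        /* Only prompt when OpenSSL itself failed this certificate. Once the
         * unknown root is accepted, the intermediates and host certificate
         * arrive with preverify_ok == 1 and are never shown: the behaviour
         * the ticket reports. */
        if (preverify_ok)
            return 1;
        st->prompts++;
        return st->ask_user(subject, depth, st->ud);
    }

    /* MODE_CONFIRM_EVERY: behave as though preverify_ok were 0 so every
     * certificate is presented, but keep returning 1 so the walk reaches
     * depth 0; only rejecting the host certificate fails the handshake. */
    st->prompts++;
    int accepted = st->ask_user(subject, depth, st->ud);
    if (depth == 0 && !accepted) {
        st->host_rejected = 1;
        return 0;
    }
    return 1;
}

/* Simulates OpenSSL's chain walk: highest depth (root) first, host last,
 * stopping at the first callback that returns 0. Only the root can fail
 * preverification here (unknown issuer); signatures below it are valid. */
int walk_chain(struct tofu_state *st, const char *const *chain, int n,
               int root_preverify_ok)
{
    for (int depth = n - 1; depth >= 0; depth--) {
        int pre = (depth == n - 1) ? root_preverify_ok : 1;
        if (!tofu_verify_decision(st, pre, depth, chain[depth]))
            return 0;
    }
    return 1;
}

/* Constructed prompt policy: reject the certificate at depth *ud, accept the
 * rest; -1 accepts everything. */
static int policy_reject_depth(const char *subject, int depth, void *ud)
{
    (void)subject;
    return depth != *(int *)ud;
}

struct scenario_result { int ok; int prompts; int host_rejected; };

/* Runs one constructed three-certificate chain through the callback logic. */
struct scenario_result run_scenario(int mode, int reject_depth)
{
    static const char *const chain[] = {              /* constructed chain */
        "CN=mail.example.test",                       /* depth 0: host */
        "CN=Example Intermediate CA",                 /* depth 1 */
        "CN=Example Root CA",                         /* depth 2: not in store */
    };
    struct tofu_state st = { mode, 0, 0, policy_reject_depth, &reject_depth };
    struct scenario_result r;
    r.ok = walk_chain(&st, chain, 3, 0);              /* root fails preverify */
    r.prompts = st.prompts;
    r.host_rejected = st.host_rejected;
    return r;
}

int main(void)
{
    struct scenario_result a = run_scenario(MODE_OPENSSL_DEFAULT, 0);
    struct scenario_result b = run_scenario(MODE_CONFIRM_EVERY, 0);
    printf("default mode, user would reject host: ok=%d prompts=%d\n", a.ok, a.prompts);
    printf("confirm-every mode, user rejects host: ok=%d prompts=%d\n", b.ok, b.prompts);
    return 0;
}
```

The first scenario is the ticket's complaint in miniature: in default mode the host certificate is never presented, so a user who would have rejected it is never asked and the connection succeeds after a single root prompt. In confirm-every mode all three certificates are shown and the depth-0 rejection is the only one that aborts the handshake.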