#3916: Mutt 1.8: TOFU approach bails out on first fail or reject, not offering
higher links of the cert' chain
--------------------------+----------------------
Reporter: kratem32 | Owner: mutt-dev
Type: enhancement | Status: new
Priority: minor | Milestone: 1.8
Component: crypto | Version:
Resolution: | Keywords: tofu
--------------------------+----------------------
Comment (by kevin8t8):
Thank you Matthias!
Today is pretty crazy for me, so I don't think I'll have time to
thoroughly review/test until tomorrow.
I glanced quickly, and as you mentioned in comment:56 there is one extra
test that needs to be removed from ssl_verify_callback(), just before the
second call to interactive_check_cert():
{{{
if ((pos != 0) && (quadoption (OPT_SSLVERIFYPARTIAL) == MUTT_YES))
{
SSL_set_ex_data (ssl, SkipModeExDataIndex, &SkipModeExDataIndex);
return 1;
}
}}}
That was for the previous "auto-skip" functionality of the quadoption.
The other small issue is generating documentation. We'll need to add
whatever #ifdef test we use into doc/makedoc-defs.h so the option is
always generated in the documentation.
Finally, it sounds like we agree on attachment:ticket-3916-clear-
errs-v2.patch. So I will just go ahead and push that version up shortly.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:57>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
