On Tue, Aug 10, 2010 at 06:44:14PM +0100, Darren J Moffat wrote:
> On 10/08/2010 18:27, [email protected] wrote:
> >Ok, after reading your explanation, I agree that asking OpenSSL doesn't
> >sound ideal. I'm wondering if it would be better to configure the CA
> >path as an image-property.
>
> I was originally going to suggest exactly that, but felt it was
> overkill for now.

Famous last words: It probably shouldn't be too much extra work. :)

> > This means that we pick a default initially,
> >but that the user/administrator could change it by using the 'pkg
> >set-property' command. Does this seem useful, or would this open us up
> >to more security problems instead?
>
> It might be useful and I don't see any security problems it could
> cause. In fact for user images (I think that is what they are
> called, I mean those that aren't an OpenSolaris bootable image or
> Zone root) it would be useful to point elsewhere sometimes (like
> using /etc/openssl/ instead of somewhere inside the image).

Ok, I'll proceed with that approach. I'd like to try to get this into
build 146, which means that I need to be in the gate by Thursday. I'll
send out another review later this afternoon.

A follow-on question: is there any legitimate use case where the client
wouldn't want to verify the peer's certificate? Prior to this change,
if no CA directory was present, the client wouldn't bother to try to
verify the server's certificate. If we allow the user to specify a CA
directory, should setting the CA directory to None allow the client to
forgo the peer verification? (For the record, the current webrev always
has the client verifying the peer).

Thanks,

-j
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
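
The trade-off raised in the message above, as an added example that is not part of the original thread and is not pkg(5) code: the earlier "no CA directory, no verification" behaviour beside one possible fail-closed policy. It uses Python's standard ssl module as a stand-in for the client's real transport, and the property name "ca-path" and all function names are hypothetical.

```python
import os
import ssl

CA_PROP = "ca-path"  # hypothetical property name, not taken from pkg(5)


class CAConfigError(Exception):
    """Raised when the CA directory setting cannot support verification."""


def legacy_context(ca_dir):
    """Behaviour described in the thread before the change: if no CA
    directory is present, the server certificate is not verified."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if ca_dir and os.path.isdir(ca_dir):
        ctx.load_verify_locations(capath=ca_dir)
    else:
        # Silent downgrade: the connection is encrypted but the peer is
        # unauthenticated. check_hostname must be cleared first.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def strict_context(image_props, default_ca_dir):
    """One possible policy (an assumption, not the webrev's code): an
    unset or None property falls back to the default directory, and a
    missing directory is an error instead of a reason to skip checks."""
    ca_dir = image_props.get(CA_PROP) or default_ca_dir
    if not ca_dir or not os.path.isdir(ca_dir):
        raise CAConfigError("CA directory %r is not usable" % (ca_dir,))
    # PROTOCOL_TLS_CLIENT starts with CERT_REQUIRED and hostname checks on.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(capath=ca_dir)
    return ctx
```
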
