On 12/08/2010 04:24 PM, Salvatore Bonaccorso wrote:
- Forwarded message from Steffen Ullrich via RT
bug-io-socket-...@rt.cpan.org -
it's not that simple:
- usually SSL_verify_callback is used together with a valid CA file or
CA path, because one wants to let openssl pre-check the certificate
and only add additional checks (see SSL_set_verify openssl docs),
- if SSL_verifycn_scheme is set there will be an implicite
SSL_verify_callback which checks the name in the certificate
Because the case, that somebody wants to check the certificate completly
by itself w/o having openssl check the certificate chain, is IMHO
uncommon, I don't change the code for now.
Hrm. i'm doing it with a tool i hope to release later this week,
actually [0], so while it might be uncommon, it does happen.
What do you suggest i do to make this work? maybe i should do something
like:
ca_path = '/'
?
That seems pretty weird to me. Can you recommend a better way that i
can fully disable these checks, or is this the best way?
I think it is safer than risk to not doing certificate checks.
What do you think is the risk here? If no trusted root authorities are
supplied (by either ca_path or ca_file), but a verify callback is
present, that verify callback will simply never see a preverify_ok
argument set to 1, right? why is that dangerous?
--dkg
[0] https://labs.riseup.net/code/issues/2016
signature.asc
Description: OpenPGP digital signature