Generally the TLS verification should be automatic, as detailed in upstream's reply (i.e. performing proper CN validation via the known CA certs, check for NULL bytes, etc). In the case of a mismatch, then, yes, it should go to the UI.
I still don't think anything that claims to be TLS enabled should go into main if it does not securely handle TLS. We can't control where people connect to, so we can't claim TLS should only be used for "trusted networks". -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/673925 Title: [MIR] freerdp -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
