On 12/08/2010 04:24 PM, Salvatore Bonaccorso wrote: > ----- Forwarded message from Steffen Ullrich via RT > <[email protected]> ----- > it's not that simple: > - usually SSL_verify_callback is used together with a valid CA file or > CA path, because one wants to let openssl pre-check the certificate > and only add additional checks (see SSL_set_verify openssl docs), > - if SSL_verifycn_scheme is set there will be an implicite > SSL_verify_callback which checks the name in the certificate > > Because the case, that somebody wants to check the certificate completly > by itself w/o having openssl check the certificate chain, is IMHO > uncommon, I don't change the code for now.
Hrm. i'm doing it with a tool i hope to release later this week,
actually [0], so while it might be uncommon, it does happen.
What do you suggest i do to make this work? maybe i should do something
like:
ca_path => '/'
?
That seems pretty weird to me. Can you recommend a better way that i
can fully disable these checks, or is this the best way?
> I think it is safer than risk to not doing certificate checks.
What do you think is the risk here? If no trusted root authorities are
supplied (by either ca_path or ca_file), but a verify callback is
present, that verify callback will simply never see a preverify_ok
argument set to 1, right? why is that dangerous?
--dkg
[0] https://labs.riseup.net/code/issues/2016
signature.asc
Description: OpenPGP digital signature
