On 05/01/2014 03:51 PM, Jeremy Lainé wrote: > One problem I am going to run into is that Apple's API doesn't seem to > provide error > details when a certificate check fails (SecTrustEvaluate), so I don't think > we'll get as > fine-grained QSslError's as when using OpenSSL. I have however managed to > implement the > pattern used in the OpenSSL implementation: > > - start handshake > - emit sslErrors if appropriate > - allow ignoring the errors using ignoreSslErrors > - complete handshake
OK it looks as though I was overly optimistic, I just realised I was relying on some functions only available on OS X, not iOS. >From what I can tell, we can't even do subject / alternative subject name >validation ourselves, as SecCertificateCopyValues is not exposed on OSX. So, it looks as though we can either: - let secure transport do all the checks (name, trust chain, ..) which will result in either success or a failure, with no ability to ignore SSL errors when they occur - disable checks altogether before starting the handshake => totally insecure Bottom line: connecting to hosts with valid certificates is OK, connecting to anything else (self-signed certs, name mismatches) basically nullifies the security promise as we can't check the errors. Is it worth continuing, to at least support the happy path? Cheers, Jeremy _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
