On Tue, Feb 19, 2013 at 3:05 PM, Nick Mathewson <ni...@freehaven.net> wrote: > On Tue, Feb 19, 2013 at 12:22 PM, Catalin Patulea <catal...@google.com> wrote: >> >> Signed-off-by: Catalin Patulea <catal...@google.com> >> --- >> .gitignore | 1 + >> sample/https-client.c | 207 >> ++++++++++++++++++++++++++++++++++++++++++++++++++ >> sample/include.am | 5 ++ >> 3 files changed, 213 insertions(+) >> create mode 100644 sample/https-client.c >> > > Looks like a good start! > > Patrick, do you have time to have a look at this? I'm hoping you'll > have some ideas of whether or not this is the right way to write this. > > > Some initial comments: > > * It could sure use comments! > > * This is dangerous code; it doesn't do any certificate validation > so far as I can see, and as such gets zero protection from > man-in-the-middle attacks. People who don't know how to use TLS will > be copying our examples here, so we need to make sure to get the > security right.
Oh dear. It looks like le-proxy.c has the same issue with not doing certificate validation. We should fix that too, before anybody decides that reading le-proxy.c is a substitute for learning the OpenSSL API and shoots themselves in the foot. :p -- Nick *********************************************************************** To unsubscribe, send an e-mail to majord...@freehaven.net with unsubscribe libevent-users in the body.
