#3903: Rework OpenSSL certificate verification to support alternative chains
--------------------------+----------------------
  Reporter:  kempniu      |      Owner:  mutt-dev
      Type:  enhancement  |     Status:  new
  Priority:  minor        |  Milestone:
 Component:  crypto       |    Version:
Resolution:               |   Keywords:
--------------------------+----------------------

Comment (by kempniu):

> I had a little time to look at the patch (but not test it yet), so just a few brief comments.
>
> First, it looks like you are not validating the hostname when pos==0 but !preverify_ok. Shouldn't we move the check_host() block in between the check_certificate_cache() and the if(!preverify_ok) block?

Right, I think I wanted to minimize the number of checks performed for a certificate that fails preverification, but now that you brought this up, yes, I think we should rather stick to the check order that the original code used.

> The "log verification error" should probably go inside a #ifdef DEBUG, just like it was in check_certificate_by_signer(). No sense in generating the error message into buf if the dprint is a noop.

Good point.

> I think the name of the verify callback function should be renamed; ssl_check_preauth is confusing. ssl_verify_callback() sounds as good as anything...

Agreed, I was trying to emphasize that a lot of the current code can be reused and perhaps went a step too far.

I will submit an updated patch next week, perhaps in the meantime more people will have a chance to take a look and/or test. Thanks!

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3903#comment:3>
Mutt <http://www.mutt.org/>
The Mutt mail user agent