Stephen Hahn wrote:
> * Darren J Moffat <[EMAIL PROTECTED]> [2008-04-09 13:48]:
>> [EMAIL PROTECTED] wrote:
>>> We need rudimentary SSL support in the pkg client for our upcoming
>>> release.  This set of changes adds basic SSL support to the client and fixes
>>> a bunch of other bugs I created in my last few putbacks.
>>>
>>> Webrev is available here:
>>>
>>> http://cr.opensolaris.org/~johansen/pkg-sslcli/
>> In the man page diffs I saw:
>> 294 +  Although HTTPS servers may validate client SSL certificates, the
>> 295 +  client does not currently validate the server's.
>>
>> That pretty much defeats the main reason for doing SSL from the client's
>> view.  The whole point is you need to know that the server you are
>> connecting to is who you expect it to be and the way to do that with SSL is
>> to verify the presented certificate against your local trust anchors
>> (this is what your browser does).
>  
>   Yeah, we know.

Good.

>> It turns out that this weakness isn't in your code but in the underlying
>> Python module.  I think sadly that this means in the longer term a move
>> to a better HTTP library is going to be needed.
>  
>   Yep.
> 
>> The client needs a set of trust anchors to verify against and the Python 
>> httplib API doesn't even provide a way to specify that.
>>
>> On the other hand it is really really nice to see support for client 
>> side certs being provided.  Out of scope for this codereview but by the 
>> time this integrates into Solaris we ideally want to have the client key 
>> stored in a PKCS#11 accessible keystore (see encrypt(1), pktool(1) etc). 
>>   I wouldn't TCR in an ARC review but I would consider a TCA.
> 
>   (I read pktool(1) fairly carefully last week, and ended up with a
>   bunch of questions, so went with just paths for now.)

That is just and is what most people will use if they even bother to use 
client side certs at all (which in most cases you won't for public 
repositories - this is more interesting when submitting than retrieving).

Given the issues are now documented here, I see value in this being
integrated as is (though I haven't done a code review; I'll leave that to
others) because it is still useful from a testing viewpoint and
establishing the new cli args.

-- 
Darren J Moffat
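
Added example, not part of the original message or of the pkg client: the server-certificate check against local trust anchors that the thread says the 2008 httplib could not express, written with the `ssl.SSLContext` API of later Python releases and set beside the non-validating configuration the man page describes. The function names are hypothetical, and the client certificate is passed as plain file paths, as in the change under review.

```python
import http.client
import ssl


def verifying_context(cafile=None, capath=None, client_cert=None, client_key=None):
    """Client context that checks the server certificate against trust anchors."""
    # create_default_context() sets CERT_REQUIRED and check_hostname=True and,
    # when no cafile/capath is given, falls back to the system trust store.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH,
                                     cafile=cafile, capath=capath)
    if client_cert:
        # Client-side certificate and key supplied as plain file paths.
        ctx.load_cert_chain(certfile=client_cert, keyfile=client_key)
    return ctx


def unverified_context():
    """Encrypts the channel but accepts any certificate the server presents."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def server_validation_findings(ctx):
    """Return the reasons a context fails to authenticate the server."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the host name")
    return findings


def open_repo_connection(host, ctx, port=443):
    """Refuse to build an HTTPS connection from a non-validating context."""
    findings = server_validation_findings(ctx)
    if findings:
        raise ValueError("refusing %s: %s" % (host, "; ".join(findings)))
    # No network traffic happens here; the handshake runs on the first request.
    return http.client.HTTPSConnection(host, port, context=ctx, timeout=30)
```
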