Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Florian Zumbiehl
Hi,

> Basically - a root of trust is something sacrosanct. If you said "use
> this root of trust" and somehow that fails, trying to run more code
> when you *know* the requested root of trust did not work is very very
> wrong. Do not proceed further, do not pass go, do not try to validate
> the

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Bob Beck
Yes, I mean the program should exit with an error message if the requested CA file (either the default, or via -CAfile) can't be loaded.

On Fri, Apr 1, 2016 at 8:44 AM, Florian Zumbiehl wrote:
> Hi,
>
>> Florian I'm happy to look at this now with you
>>
>> But based on the old

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Bob Beck
Basically - a root of trust is something sacrosanct. If you said "use this root of trust" and somehow that fails, trying to run more code when you *know* the requested root of trust did not work is very very wrong. Do not proceed further, do not pass go, do not try to validate the certificate

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Florian Zumbiehl
Hi,

> Florian I'm happy to look at this now with you
>
> But based on the old discussion I'm not certain I'm happy with the
> final result.
>
> IMO - here's what we need in these:
>
> 1) If you specify nothing, you should get the default.
> 2) If you specify a CAfile, and there is no failure

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Bob Beck
Florian I'm happy to look at this now with you

But based on the old discussion I'm not certain I'm happy with the final result.

IMO - here's what we need in these:

1) If you specify nothing, you should get the default.
2) If you specify a CAfile, and there is no failure in loading it, you

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2016-04-01 Thread Florian Zumbiehl
Hi, it occurred to me that this patch that I submitted quite a while ago still hasn't been merged and discussion about it back then got stuck due to a release being prepared or something--so, here I submit it again, though you might want to read the discussion on the thread from 2014 that I am

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-08-06 Thread Philip Guenther
On Mon, Aug 4, 2014 at 1:33 PM, Florian Zumbiehl fl...@florz.de wrote:
> ping?

We're basically in release lock right now, so this sort of behavioral change, particularly one diverging from OpenSSL, is a bit too risky for this moment. Ping again when we go back to -current and we can figure out

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-08-04 Thread Florian Zumbiehl
ping?

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-07-27 Thread Florian Zumbiehl
ping? This is a fix for OpenSSL tickets #977 and #3213, loosely based on patch from Reuben Thomas from #3213. --- src/apps/s_client.c |5 +++-- src/apps/s_server.c | 10 ++ src/apps/s_time.c |5 +++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-07-27 Thread Philip Guenther
On Sun, Jul 27, 2014 at 2:16 AM, Florian Zumbiehl fl...@florz.de wrote:
> ping? This is a fix for OpenSSL tickets #977 and #3213, loosely based on
> patch from Reuben Thomas from #3213.

Hmm, what a mess. The smime and ocsp subcommands use an internal function setup_verify() to get the

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-07-27 Thread Florian Zumbiehl
Hi, [...] Is this an area where the current behavior cannot be used safely? No. Indeed, using CAs in circumstances where OpenSSL doesn't may create security issues for existing scripts using the openssl command. *If* using the compiled in paths is correct, then I would think using the

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-07-27 Thread Philip Guenther
On Sun, Jul 27, 2014 at 3:49 AM, Florian Zumbiehl fl...@florz.de wrote: Is this an area where the current behavior cannot be used safely? No. Indeed, using CAs in circumstances where OpenSSL doesn't may create security issues for existing scripts using the openssl command. *If* using

Re: [PATCH] libressl/apps: load trusted ca certificates as specified on the command line

2014-07-27 Thread Florian Zumbiehl
Hi,

Ha! Ain't this code great! You're correct that I misread it. So right now:
* If you don't specify either option, no CAs will be available
* if you specify -CAfile and it can't be loaded, then no CAs will be available
* if you specify -CApath and either it's the zero-length path ()