tech-userlevel archive
[Christos Zoulas] CVS commit: src/usr.bin/ftp
Did I miss discussion on this? I am getting the impression that we now
have defaults:
  no trust anchors installed
  require verification
which really doesn't make sense. If I am following correctly this is a
major behavior change in a controversial area, which isn't ok without
discussion/consensus.
Plus, this is a negative option, usually frowned upon.
So (absent confusion on my part, as always), it sounds like one of the
following should happen:
  1) just revert this until we have discussion

  2) change the environment variable to CERTIFICATE_VALIDATION to use the term
     from the RFC
       https://www.rfc-editor.org/rfc/rfc5280#section-6
     and default to FALSE, enabling if set and TRUE.
If at some point the system installs trust anchors by default, the
default can change.
Plus, I think it's reasonable to have some config file in /etc/openssl
that signals "user has configured trust anchors and wishes to routinely
validate certificates". The existence of /etc/openssl/VALIDATE might be
a good trigger for validation, or some other color file. That would
mean that the code, running on a system with old config, would not be
surprising. Using this file now in option 2 instead of an environment
variable seems fine.
--- Begin Message ---
Module Name: src
Committed By: christos
Date: Tue Aug 30 08:51:28 UTC 2022
Modified Files:
	src/usr.bin/ftp: ftp.1 ssl.c
Log Message:
Add cert verification, together with an environment variable "NO_CERT_VERIFY",
to turn it off.
To generate a diff of this commit:
	cvs rdiff -u -r1.146 -r1.147 src/usr.bin/ftp/ftp.1
	cvs rdiff -u -r1.10 -r1.11 src/usr.bin/ftp/ssl.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
--- End Message ---
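
The two defaults discussed in this thread, compared in C as an added example (not code from the mail or from the ftp source). NO_CERT_VERIFY, CERTIFICATE_VALIDATION and /etc/openssl/VALIDATE come from the messages above; the function names, the simplified outcome model, and honouring both the variable and the marker file are assumptions of this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

enum outcome { CONNECT_UNVERIFIED, CONNECT_VERIFIED, FAIL_NO_ANCHORS };

/* Commit log policy (opt-out): verify unless NO_CERT_VERIFY is set.
 * Treating any value, even empty, as "set" is an assumption. */
static bool
verify_opt_out(const char *no_cert_verify)
{
	return no_cert_verify == NULL;
}

/* Option 2 from the mail (opt-in): off by default, on when
 * CERTIFICATE_VALIDATION is TRUE or the marker file exists.
 * The exact string match and checking both are assumptions. */
static bool
verify_opt_in(const char *cert_validation, const char *marker)
{
	struct stat st;

	if (cert_validation != NULL && strcmp(cert_validation, "TRUE") == 0)
		return true;
	return marker != NULL && stat(marker, &st) == 0;
}

/* Simplified model: the server presents an otherwise valid chain. */
static enum outcome
fetch_outcome(bool verify, bool anchors_installed)
{
	if (!verify)
		return CONNECT_UNVERIFIED;
	return anchors_installed ? CONNECT_VERIFIED : FAIL_NO_ANCHORS;
}

int
main(void)
{
	static const char *const names[] = { "connects, unverified",
	    "connects, verified", "fails: no trust anchors" };
	bool out = verify_opt_out(getenv("NO_CERT_VERIFY"));
	bool in = verify_opt_in(getenv("CERTIFICATE_VALIDATION"),
	    "/etc/openssl/VALIDATE");

	for (int a = 0; a <= 1; a++)
		printf("anchors=%d  opt-out: %s | opt-in: %s\n", a,
		    names[fetch_outcome(out, a)], names[fetch_outcome(in, a)]);
	return 0;
}
```

On a system with neither variable set and no trust anchors installed, the opt-out policy yields a failed fetch while the opt-in policy connects without verification until the administrator enables it.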