Re: [Mutt] #3087: No server hostname validation in SSL certificate
#3087: No server hostname validation in SSL certificate processing
------------------------+---------------------------------------------------
Reporter: gkloepfer | Owner: mutt-dev
Type: defect | Status: reopened
Priority: major | Milestone:
Component: crypto | Version: 1.5.16
Resolution: | Keywords: certificate server validation patch
------------------------+---------------------------------------------------
Changes (by pdmef):
* keywords: certificate server validation => certificate server
validation patch
Comment:
Here we go: attached is a patch that ports the hostname check from msmtp
for OpenSSL to mutt. For the only IMAP server I have it works (certificate
is for *.domain.tld, server is mail.domain.tld).
I'm no OpenSSL expert, but the port is very straight forward, and
annotating the source at sourceforge suggest the code in question is
untouched for at least 3 years. So I think this is mature enough to
include into mutt.
Msmtp is GPLv3 so I think that won't be a problem, either.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3087#comment:5>
Mutt <http://www.mutt.org/>
The Mutt mail user agent