Re: [Mutt] #3426: certificate validation fails with openssl

To: julm+mutt@xxxxxxxxxxxxxxxxxxxxxxx, Mutt <fleas@xxxxxxxx>
Subject: Re: [Mutt] #3426: certificate validation fails with openssl
From: "Matthias Andree" <matthias.andree@xxxxxx>
Date: Fri, 06 Aug 2010 10:00:53 +0200
Cc: mutt-dev@xxxxxxxx
In-reply-to: <046.a1b73c21d49ca5bc4216e84e05cb5cb2@xxxxxxxx>
List-post: <mailto:mutt-dev@mutt.org>
List-unsubscribe: send mail to majordomo@mutt.org, body only "unsubscribe mutt-dev"
Organization:
References: <037.99fbd8b7c7e8710124fbb6052f9b8cbf@xxxxxxxx> <046.a1b73c21d49ca5bc4216e84e05cb5cb2@xxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Opera Mail/10.60 (Linux)

Am 29.06.2010, 20:10 Uhr, schrieb Mutt:

#3426: certificate validation fails with openssl
--------------------------+-------------------------------------------------
 Reporter:  ph030         |       Owner:  mutt-dev
     Type:  defect        |      Status:  new
 Priority:  major         |   Milestone:
Component:  mutt          |     Version:  1.5.20
 Keywords:  openssl cert  |
--------------------------+-------------------------------------------------

Comment(by ph030):

 Thank you, julm, I'll see if I can apply it.

The patch appears to be in reverse, but is required to unbreak subjectalternative name matching. Mutt, with Thomas Hoger's patch, mistakenlycompares the strlen of the SSL structure (which is ill-defined and bogus)against the payload ->length.


I've just sent a new hg patch to mutt-dev@

--
Matthias Andree

References:
- [Mutt] #3426: certificate validation fails with openssl
  - From: Mutt
- Re: [Mutt] #3426: certificate validation fails with openssl
  - From: Mutt

Prev by Date: [PATCH 2 of 2] Unbreak X.509 SubjAltName checks,
Next by Date: [PATCH 0 of 2] Assorted minor mutt configure and SSL/TLS fixes
Previous by thread: Re: [Mutt] #3426: certificate validation fails with openssl
Next by thread: Re: [Mutt] #3426: certificate validation fails with openssl
Index(es):
- Date
- Thread