#3899: mutt_ssl's interactive_check_cert() has several issues
----------------------+----------------------
Reporter: kevin8t8 | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: crypto | Version:
Keywords: |
----------------------+----------------------
It is calling X509_NAME_oneline() with a fixed sized buffer.
It is using strstr to tokenize the parts of the certificate name. The
problem with this approach is described in
https://langui.sh/2016/01/29/x509-name-oneline/
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3899>
Mutt <http://www.mutt.org/>
The Mutt mail user agent