#3916: Mutt 1.8: TOFU approach bails out on first fail or reject, not offering
higher links of the cert' chain
--------------------------+----------------------
Reporter: kratem32 | Owner: mutt-dev
Type: enhancement | Status: new
Priority: minor | Milestone: 1.8
Component: crypto | Version:
Resolution: | Keywords: tofu
--------------------------+----------------------
Comment (by m-a):
I just figured that none of my patches is ready for 1:1 merge yet, in some
places, the "quadoption" has leaked in comments, and some places need a
guard for when the option isn't present, such as this:
{{{
/* The leaf/host certificate can't be skipped. */
if ((idx != 0) &&
(option (OPT_SSLVERIFYPARTIAL)))
allow_skip = 1;
}}}
I also wonder if we should move the "can we do partial verification" into
autoconfigure to not second-guess OpenSSL includes, but use a
HAVE_PARTIAL_VERIFICATION option instead, for later maintainbility.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:55>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
