#3916: Mutt 1.8: TOFU approach bails out on first fail or reject, not offering
higher links of the cert' chain
--------------------------+----------------------
  Reporter:  kratem32     |      Owner:  mutt-dev
      Type:  enhancement  |     Status:  new
  Priority:  minor        |  Milestone:  1.8
 Component:  crypto       |    Version:
Resolution:               |   Keywords:  tofu
--------------------------+----------------------

Comment (by m-a):

 Replying to [comment:57 kevin8t8]:

 > I glanced quickly, and as you mentioned in comment:56 there is one extra
 test that needs to be removed from ssl_verify_callback(), just before the
 second call to interactive_check_cert():
 >
 > {{{
 >    if ((pos != 0) && (quadoption (OPT_SSLVERIFYPARTIAL) == MUTT_YES))
 >    {
 >      SSL_set_ex_data (ssl, SkipModeExDataIndex, &SkipModeExDataIndex);
 >      return 1;
 >    }
 > }}}
 >
 > That was for the previous "auto-skip" functionality of the quadoption.

 Killed from my revised patch.

 > The other small issue is generating documentation.  We'll need to add
 whatever #ifdef test we use into doc/makedoc-defs.h so the option is
 always generated in the documentation.

 Done. Please find attachment:ticket-3916-verify-partial-v2-boolopt.patch​
 that appears to work for me and addresses your concerns about
 documentation. It goes directly on top of the default branch as of r6957
 aka d15de76f7123.

 > Finally, it sounds like we agree on attachment:ticket-3916-clear-
 errs-v2.patch.  So I will just go ahead and push that version up shortly.

 Thanks. That helps.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:59>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to