[haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability

• From: "pulkomandy" <trac@xxxxxxxxxxxx>
• Date: Fri, 07 Nov 2014 07:07:26 -0000

#9086: Check SSL lib for vulnerability
---------------------------+-------------------------------
   Reporter:  andrewz      |      Owner:  nobody
       Type:  enhancement  |     Status:  closed
   Priority:  normal       |  Milestone:  R1
  Component:  - General    |    Version:  R1/alpha3
 Resolution:  fixed        |   Keywords:  SSL vulnerability
 Blocked By:               |   Blocking:
Has a Patch:  0            |   Platform:  All
---------------------------+-------------------------------

Comment (by pulkomandy):

 http://web.archive.org/web/20121127051829/http://threatpost.com/en_us/blogs
 /ssl-vulnerabilities-found-critical-non-browser-software-packages-102512

 This is a well-known problem with OpenSSL, if nothing special is done it
 will accept any certificate without checking. BSecureSocket enables
 certificate checking, and cals a callback when the certificate can't be
 validated. The default implementation of the callback is to continue
 anyway. Applications which need a secure connection must override the
 callback and act as appropriate.

--
Ticket URL: <https://dev.haiku-os.org/ticket/9086#comment:5>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.

Other related posts:

• » [haiku-bugs] [Haiku] #9086: Check SSL lib for vulnerability- andrewz
• » [haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability- anevilyak
• » [haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability- diver
• » [haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability- waddlesplash
• » [haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability- diver
• » [haiku-bugs] Re: [Haiku] #9086: Check SSL lib for vulnerability - pulkomandy

1. Home
2. haiku-bugs
3. Archive
4. 11-2014

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---