SSL support does not validate server certificate

Treferwynd / transmission-remote-gtk

Automatically exported from code.google.com/p/transmission-remote-gtk

GNU General Public License v2.0

0 stars 0 forks source link

SSL support does not validate server certificate #235

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

When connecting to a remote server using SSL there is no verification of the 
remote servers certificate. This would improve connection security for those 
using SSL.

Original issue reported on code.google.com by jmelt...@vt.edu on 29 Jul 2013 at 5:55

GoogleCodeExporter commented 9 years ago

True, this should probably be configurable.

Original comment by a...@eth0.org.uk on 29 Jul 2013 at 6:53

Changed state: Accepted
Added labels: Type-Enhancement
Removed labels: Type-Defect

GoogleCodeExporter commented 9 years ago

There's an option for this now.

Original comment by a...@eth0.org.uk on 20 Dec 2013 at 9:17

GoogleCodeExporter commented 9 years ago

Original comment by a...@eth0.org.uk on 20 Dec 2013 at 9:17

Changed state: Fixed

GoogleCodeExporter commented 9 years ago

Hmm, why get rid of VERIFYHOST?  It's still useful to check that self-signed 
cert matches IP address.  Spoofable but at least usable.

Original comment by reardo...@gmail.com on 4 Jan 2014 at 8:59