danger_disable_hostname_verification - SSL routines:ssl3_read_bytes:tlsv1

[ernestas-poskus]

Hey just curious question on HttpsConnector struct there is mut method danger_disable_hostname_verification which trusts any valid certificate for any site.

Question is why on some sites this fails?

extern crate futures;
extern crate hyper;
extern crate hyper_tls;
extern crate tokio;

use futures::{future, Future, Stream};
use std::io::Write;

fn main() {
    tokio::run(future::lazy(|| {
        let mut https = hyper_tls::HttpsConnector::new(4).unwrap();
        https.danger_disable_hostname_verification(true);

        let client = hyper::Client::builder().build::<_, hyper::Body>(https);

        client
            .get("https://httpbin.org/".parse().unwrap())
            .and_then(|res| {
                println!("Status: {}", res.status());
                println!("Headers:\n{:#?}", res.headers());
                res.into_body().for_each(|chunk| {
                    ::std::io::stdout()
                        .write_all(&chunk)
                        .map_err(|e| panic!("example expects stdout to work: {}", e))
                })
            })
            .map_err(|e| println!("request error: {}", e))
    }));
}

$ cargo run --example client
   Compiling hyper-tls v0.2.0-a.0 (file:///home/ow/dev/rust/hyper-tls)
    Finished dev [unoptimized + debuginfo] target(s) in 3.90 secs
     Running `target/debug/examples/client`
request error: an error occurred trying to connect: The OpenSSL library reported an error: error:14094438:
SSL routines:ssl3_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_s3.c:1407:SSL alert number 80

[srenatus]

It looks like this method was removed recently: https://github.com/hyperium/hyper-tls/commit/912d5996ca330233aaccc270905e4f8e37b28cfb#diff-31bbf71c54bca98a0ae3d40a327af940L53

[ernestas-poskus]

yes, not relevant any more