openwrt / packages

Community maintained packages for OpenWrt. Documentation for submitting pull requests is in CONTRIBUTING.md
GNU General Public License v2.0

sstp-client: unconditionally disables certificate validation #25212

Open patrakov opened 2 weeks ago

patrakov commented 2 weeks ago

Maintainer: @vgaetera @fededim

Environment: Any, for example, TP-Link Archer C7 v2 on OpenWrt 23.05.5

Description:

The sstp.sh protocol handler disables SSL certificate validation unconditionally by passing the --cert-warn option to sstpc. This is a security problem.

patrakov commented 2 weeks ago

Updated!
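The pattern reported in this issue, next to an opt-in alternative, as an added example (not the code of sstp.sh and not a fix proposed in this thread). The settings `cert_warn` and `ca_cert`, the function names and the server name are assumptions made for illustration; `--ca-cert` is sstpc's option for supplying a CA file.

```shell
#!/bin/sh
# Added illustration; not the sstp.sh handler from openwrt/packages.
# cert_warn and ca_cert are hypothetical per-interface settings.

# Pattern described in the issue: --cert-warn is passed no matter what
# the user configured, so a bad server certificate never stops the tunnel.
sstpc_args_unconditional() {
	server="$1"
	printf '%s' "--cert-warn $server"
}

# Opt-in form: validation stays on unless cert_warn is explicitly enabled.
# Unknown values and unreadable CA files fail closed (non-zero return).
sstpc_args_optin() {
	server="$1"; cert_warn="${2:-0}"; ca_cert="$3"
	args=""
	case "$cert_warn" in
		1|on|true|yes)
			echo "warning: certificate errors will not abort the connection" >&2
			args="--cert-warn" ;;
		0|off|false|no) ;;
		*)
			echo "invalid cert_warn value: $cert_warn" >&2
			return 1 ;;
	esac
	if [ -n "$ca_cert" ]; then
		[ -r "$ca_cert" ] || { echo "CA file not readable: $ca_cert" >&2; return 1; }
		args="${args:+$args }--ca-cert $ca_cert"
	fi
	printf '%s' "${args:+$args }$server"
}

# Constructed demo values.
echo "always:  sstpc $(sstpc_args_unconditional vpn.example.net)"
echo "default: sstpc $(sstpc_args_optin vpn.example.net)"
```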