Gregory Szorc <gregory.szorc@gmail.com> [Wed, 01 Jun 2016 19:57:20 -0700] rev 29288
sslutil: add devel.disableloaddefaultcerts to disable CA loading
There are various tests for behavior when CA certs aren't loaded.
Previously, we would pass --insecure to disable loading of CA
certs. This has worked up to this point because the error message
for --insecure and no CAs loaded is the same. Upcoming commits will
change the error message for --insecure and will change behavior
when CAs aren't loaded.
This commit introduces the ability to disable loading of CA certs
by setting devel.disableloaddefaultcerts. This allows a testing
backdoor to disable loading of CA certs even if system/default
CA certs are available. The flag is purposefully not exposed to
end-users because there should not be a need for this in the wild:
certificate pinning and --insecure provide workarounds to disable
cert loading/validation.
Tests have been updated to use the new method. The variable used
to disable CA certs has been renamed because the method is not
OS X specific.
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 30 May 2016 11:20:31 -0700] rev 29287
sslutil: store flag for whether cert verification is disabled
This patch effectively moves the ui.insecureconnections check to
_hostsettings(). After this patch, validatesocket() no longer uses the
ui instance for anything except writing messages.
This patch also enables us to introduce a per-host config option
for disabling certificate verification.
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 30 May 2016 11:19:43 -0700] rev 29286
sslutil: remove "strict" argument from validatesocket()
It was only used by mail.py as part of processing smtp.verifycert,
which was just removed.