On tis, 2012-01-24 at 22:05 +0200, Peter Eisentraut wrote:
> > > One thing that is perhaps worth thinking about: Currently, we just
> > > ignore missing root.crt and root.crl files. With this patch, we still
> > > do this, even if the user has given a specific nondefault location.
> > > That seems a bit odd, but I can't think of a simple way to do it better.
> >
> > There's a review in the CF app for this finding only minor issues, so
> > I'm marking this patch therein as "Ready for Committer".
>
> OK, no one had any concerns about the missing file behavior I
> described above? If not, then I'll commit it soon.
I'm still worried about this. If we ignore a missing root.crt, then the
effect is that authentication and certificate verification might fail,
which would be annoying, but you'd notice it soon enough. But if we
ignore a missing root.crl, we are creating a security hole.
My best idea at the moment is that we should set these parameters to
empty by default, and make users point them to existing files if they
want to use that functionality. Comments?
