New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[httpc] Do not read OS cacerts if verify_none
#7303
Comments
maennchen
added a commit
to maennchen/otp
that referenced
this issue
May 25, 2023
Avoids crash when using verify_none and the OS does not have a CA cert bundle
maennchen
added a commit
to maennchen/otp
that referenced
this issue
May 26, 2023
Avoids crash when using verify_none and the OS does not have a CA cert bundle
maennchen
added a commit
to maennchen/otp
that referenced
this issue
May 26, 2023
Avoids crash when using verify_none and the OS does not have a CA cert bundle
fhunleth
added a commit
to nerves-project/nerves_system_rpi3a
that referenced
this issue
May 28, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
dgud
added a commit
that referenced
this issue
May 29, 2023
fhunleth
added a commit
to nerves-project/nerves_system_rpi3a
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_rpi3a
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_rpi0
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_rpi
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_bbb
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_rpi2
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_rpi3
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to fhunleth/nerves_system_npi_imx6ull
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_osd32mp1
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_x86_64
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_vultr
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to nerves-project/nerves_system_mangopi_mq_pro
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
fhunleth
added a commit
to smartrent/nerves_system_srhub
that referenced
this issue
Jun 6, 2023
Erlang's httpc now looks for CA certifications in the normal system location even with `:verify_none`. It looks like the `:verify_none` issue will be fixed in [PR 7303](erlang/otp#7303), but it seems useful to have a good set of certs there for httpc users.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When suplying
{ssl, [{verify, verify_none}]}
tohttp
, it still callspublic_key:cacerts/0
internally. If there are no OS cacerts present on the machine, httpc will crash even though no certs were actually required.To Reproduce
Expected behavior
No Error
Affected versions
>= 26.0
Additional context
The text was updated successfully, but these errors were encountered: