Bug #8536

tails-security-check fails open if passed an empty or otherwise useless CA file

Added by intrigeri 2015-01-06 10:03:50. Updated 2015-02-24 22:46:55.

Status: Resolved
Priority: Normal
Assignee:
Category:
Target version:
Start date: 2015-01-06
Due date:
% Done: 100%
Feature Branch: bugfix/8536-security-check-CA-pinning
Type of work: Code
Blueprint:
Starter:
Affected tool: Security Check
Deliverable for:
Description

If I empty the CA bundle file passed to that script, it still manages to download the Atom feed without complaining.


History

#1 Updated by intrigeri 2015-01-06 10:04:49

  • Affected tool set to Security Check

#2 Updated by intrigeri 2015-02-10 19:02:03

  • Subject changed from tails-security-check CA pinning doesn't work to tails-security-check fails open if passed an empty or otherwise useless CA file
  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10
  • Feature Branch set to bugfix/8536-security-check-CA-pinning

Actually, it does work, as long as the specified CA file exists and is not empty. Unfortunately, the underlying HTTPS stack fails open when passed a non-existing or empty CA file. So I’m adding checks to ensure we fail closed in such cases, and also so that I’m not confused about this next time.
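
The kind of fail-closed check described in the comment above, sketched in Python as an added example: it is not the tails-security-check code or the committed fix. The names `pinned_context`, `UselessCAFile` and `demo`, and the sample files, are assumptions made for illustration; the check also goes one step beyond "exists and is not empty" by requiring that at least one CA certificate actually loads.

```python
import os
import re
import ssl
import tempfile

class UselessCAFile(Exception):
    """The pinned CA file cannot anchor trust; the caller must abort."""

PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----\s.+?\s-----END CERTIFICATE-----", re.S)

def pinned_context(ca_file):
    """Return an SSLContext that trusts only ca_file, or raise UselessCAFile."""
    if not os.path.isfile(ca_file) or os.path.getsize(ca_file) == 0:
        raise UselessCAFile(f"{ca_file}: missing, not a regular file, or empty")
    # PROTOCOL_TLS_CLIENT turns on CERT_REQUIRED and hostname checking and,
    # unlike ssl.create_default_context(), loads no system CA certificates.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        with open(ca_file, encoding="ascii", errors="replace") as fh:
            if not PEM_CERT.search(fh.read()):
                raise UselessCAFile(f"{ca_file}: no PEM certificate block")
        ctx.load_verify_locations(cafile=ca_file)
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        raise UselessCAFile(f"{ca_file}: unusable ({exc})") from exc
    if not ctx.get_ca_certs():
        raise UselessCAFile(f"{ca_file}: no CA certificate loaded")
    return ctx

def demo():
    """Run the check over constructed useless CA files; map name -> outcome."""
    samples = {  # constructed inputs, not taken from the ticket
        "empty.pem": "",
        "garbage.pem": "not a certificate\n",
        "bad-body.pem": "-----BEGIN CERTIFICATE-----\nbm90IGEgY2VydA==\n"
                        "-----END CERTIFICATE-----\n",
    }
    outcome = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in list(samples.items()) + [("missing.pem", None)]:
            path = os.path.join(tmp, name)
            if body is not None:
                with open(path, "w") as fh:
                    fh.write(body)
            try:
                pinned_context(path)
                outcome[name] = "accepted"
            except UselessCAFile as exc:
                outcome[name] = str(exc)
    return outcome
```

The caller treats `UselessCAFile` as fatal and never retries with another trust store, so a broken pin stops the download instead of silently widening trust.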

#3 Updated by intrigeri 2015-02-10 19:40:04

  • Assignee changed from intrigeri to anonym
  • % Done changed from 10 to 50
  • QA Check set to Ready for QA

#4 Updated by Tails 2015-02-11 11:58:18

  • Status changed from In Progress to Fix committed
  • % Done changed from 50 to 100

Applied in changeset commit:eb510638089736a52335ef1f91ab18d7894e3fec.

#5 Updated by anonym 2015-02-11 12:00:12

  • Assignee deleted (anonym)
  • QA Check changed from Ready for QA to Pass

#6 Updated by BitingBird 2015-02-24 22:46:55

  • Status changed from Fix committed to Resolved