libpcap icon indicating copy to clipboard operation
libpcap copied to clipboard

Published 20 hours ago verified publisher icon the-tcpdump-group

TLS certificate not validated for rpcaps:// sources.

Open ryancdotorg opened this issue 2 years ago • 4 comments

Hi,

I was testing out rpcapd, and I noticed that there doesn't seem to be any validation of certificates for rpcaps:// sources, can we get this fixed? Some options will probably be needed to specify CAs. While it's being worked on, it'd be nice to be able to set the TLS cipher suites as well.

ryancdotorg avatar Dec 30 '21 22:12 ryancdotorg

I'll write a patch to address this issue. Does someone want to assign it to me?

ryancdotorg avatar Apr 03 '22 07:04 ryancdotorg

Does someone want to assign it to me?

Done.

guyharris avatar Apr 03 '22 07:04 guyharris

Has there been any progress on this?

daluu avatar Mar 23 '24 19:03 daluu

I have a WIP patch - there's some difficulty in that rpcap works sort of like FTP in that there are separate data and control channels. Some plumbing work is required to carry over details needed to do server name validation.

ryancdotorg avatar Apr 07 '24 16:04 ryancdotorg