Modify

Opened 4 years ago

Closed 3 years ago

#15822 closed enhancement (fixed)

ddns-scripts: allow https without certificates

Reported by: anonymous Owned by: developers
Priority: normal Milestone: Chaos Calmer 15.05
Component: packages Version: Trunk
Keywords: ddns script https certificate Cc:

Description

running ddns-scripts with https activated will fail if there is no cartificate or certificate path given.

as described at http://wiki.openwrt.org/doc/howto/ddns.client
there needs to be extensions to dynamic_dns_updater.sh script to run wget or curl if no certificate/path is given.

Attachments (1)

dynamic_dns_updater.sh.patch (655 bytes) - added by anonymous 4 years ago.

Download all attachments as: .zip

Change History (4)

Changed 4 years ago by anonymous

comment:1 Changed 4 years ago by Catalin Patulea <cronos586@…>

If you disable cert validation, anyone can MITM your connection and steal your DDNS token.

Why use SSL at all in that case?

Leaving dynamic_dns_updater.sh as-is makes it safer in case someone enables SSL and forgets to install a CA cert pack.

comment:2 Changed 3 years ago by chris5560

Implemented since ddns-scripts ver. 2.0.0-1.
set inside /etc/config/ddns

option cacert "IGNORE"

Use it carefully because server certificate is not verified (insecure)

please close the ticket. Thanks
Christian

comment:3 Changed 3 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.