Apple OpenSSL Verification Surprises
This technical article details how Apple's patched version of OpenSSL in macOS intercepts and overrides standard certificate verification failures, using system trust settings instead. This breaks the expected behavior of the `SSL_CTX_set_verify` callback, making it unsuitable for custom security checks like hostname verification and potentially exposing software to man-in-the-middle attacks. The post includes C code to demonstrate the issue and discusses the CVE and Apple's response.