Skip to content

💥 Don't set verify_callback to VerifyCallbackProc#534

Merged
nevans merged 1 commit intomasterfrom
drop-automatic-VerifyCallbackProc
Oct 16, 2025
Merged

💥 Don't set verify_callback to VerifyCallbackProc#534
nevans merged 1 commit intomasterfrom
drop-automatic-VerifyCallbackProc

Conversation

@nevans
Copy link
Collaborator

@nevans nevans commented Oct 16, 2025
edited
Loading

The VerifyCallbackProc constant will no longer be automatically assigned to context.verify_callback.

The callback can still be set explicitly:

# for implicit TLS
imap = Net::IMAP.new(host, ssl: {verify_callback: VerifyCallbackProc})

# for STARTTLS
imap = Net::IMAP.new(host)
imap.starttls(verify_callback: VerifyCallbackProc)

Prior to this commit, if VerifyCallbackProc were set (it could be any of Net::IMAP::VerifyCallbackProc, OpenSSL::SSL::VerifyCallbackProc, OpenSSL::VerifyCallbackProc, Net::VerifyCallbackProc, or ::VerifyCallbackProc), it would automatically be assigned to context.verify_callback. I can't find any evidence that this constant has ever been set for net-imap, openssl, or ruby. But it is also used by net-ftp.

This functionality existed from the beginning of net-imap's TLS support, but was never documented. I don't know the original motivation for this. (Perhaps it's still useful for inserting a debug logger?) But I'm guessing that past motivations for this code are less significant now. Earlier versions of ruby's openssl did not have very secure defaults, but the modern openssl gem already handles the verify callback just fine.

@nevans
💥 Don't set verify_callback to VerifyCallbackProc
6d5c233 
The `VerifyCallbackProc` constant will no longer be automatically
assigned to `context.verify_callback`.

The callback can still be set explicitly:
```
imap = Net::IMAP.new(host, ssl: {verify_callback: VerifyCallbackProc})
imap.starttls(verify_callback: VerifyCallbackProc)
```

Prior to this commit, if `VerifyCallbackProc` were set (it could be any
of `Net::IMAP::VerifyCallbackProc`, `OpenSSL::SSL::VerifyCallbackProc`,
`OpenSSL::VerifyCallbackProc`, `Net::VerifyCallbackProc`, or
`::VerifyCallbackProc`), it would automatically be assigned to
`context.verify_callback`.  I can't find any evidence that this constant
has ever been set for `net-imap`, `openssl`, or ruby.  But it _is_ also
used by `net-ftp`.

This functionality existed from the beginning of `net-imap`'s TLS
support, but was never documented.  I don't know the original motivation
for this.  (Perhaps it's still useful for inserting a debug logger?)  But
I'm guessing that past motivations for this code are less significant
now.  Earlier versions of ruby's `openssl` did not have very secure
defaults, but the modern `openssl` gem already handles the verify
callback just fine.
@nevans nevans added the breaking-change Breaking change to publicly documented API label Oct 16, 2025
Base automatically changed from do-not-mixin-openssl-module to master October 16, 2025 15:20
@nevans nevans requested a review from shugo October 16, 2025 15:20
@nevans
Copy link
Collaborator Author

nevans commented Oct 16, 2025

@shugo Any objections to this?

@nevans nevans merged commit 2ca79f6 into master Oct 16, 2025
39 checks passed
@nevans nevans deleted the drop-automatic-VerifyCallbackProc branch October 16, 2025 15:21
@nevans nevans added this to the v0.6 milestone Oct 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shugo shugo Awaiting requested review from shugo

Assignees

No one assigned

Labels

breaking-change Breaking change to publicly documented API

Projects

None yet

Milestone

v0.6

Development

Successfully merging this pull request may close these issues.

1 participant

@nevans