OpenSSL Security Advisory - CVE-2015-1793

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

One further question. Can you please confirm that the alternative
certificate chain feature is enabled by default? It seems to be implied in
all emails regarding this matter, and I'm assuming the Advisory email would
have mentioned it otherwise.

I've searched the OpenSSL code and seen that X509_V_FLAG_NO_ALT_CHAINS
exists but is not set in the "flags" member by default when a new X509
context is initialised. And my code does not modify the context to include
this flag.

Please let me know if I'm missing something.

(I'm using OpenSSL 1.0.1o)

Many thanks,
RCD


>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150710/7c65b576/attachment.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux