OpenSSL 1.0.2d X509_verify_cert function does not work as used to with chain of certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, Nov 15, 2015 at 07:00:06PM +0530, Jayalakshmi bhat wrote:

> In earlier version of OpenSSL  (i.e OpenSSL 1.0.1c)  X509_verify_cert had a
> check * if (params->trust >0)* before invoking check_trust function.

The OpenSSL source code is available via git:

    https://github.com/openssl/openssl.git

The branch containing 1.0.2c and 1.0.2d is "OpenSSL_1_0_2-stable".

Can you point to the commit that makes the change in question?

> This has been removed in OpenSSL 1.0.2d. Does it mean applications are
> expected to set the X509_VERIFY_PARAM properly?

I don't see any changes that match your description.

-- 
	Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux