> On Mar 24, 2016, at 4:21 AM, DEXTER <mydexterid at gmail.com> wrote: > > So this patch: > https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0 > > magically made itself into ubuntu trusty's version of openssl in a > security update. > > My question is: > > What is the recommended way now to call X509_verify_cert twice or > unlimited times from SSL_CTX_set_cert_verify_callback callback. > (This is where the ctx is already initialized by openssl and not by the user) I'm afraid multiple calls are not supported. I'll consider updating the 1.1.0 code to make that possible, but that won't help you with 1.0.[12]... -- Viktor.