> On Jan 8, 2018, at 5:46 PM, Misaki Miyashita <misaki.miyashita@xxxxxxxxxx> wrote: > > I would like to suggest the following fix so that a valid certificate at <hash>.x can be recognized during the cert validation even when <hash>.0 is linking to a bad/expired certificate. This may not be the most elegant solution, but it is a minimal change with low impact to the rest of the code. The patch looks wrong to me. It seems to have a memory leak. It is also not clear that with CApath all the certificates will already be loaded, so the iterator may not find the desired matching element. > Could I possibly get a review on the change? and possibly be considered to be integrated to the upstream? > (This is for the 1.0.1 branch) The 1.0.1 branch is no longer supported. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
