> On Aug 17, 2018, at 10:52 PM, Daurnimator <quae@xxxxxxxxxxxxxxx> wrote:
>
> I understand the current design; but I'm left wondering why it has an
> additional store member when VERIFY_PARAMS has the field there
> already.
> The design would seem to be much cleaner if all criteria for
> verification are taken from a single object.

They are taken from a single object, the X509 store associated with
the SSL_CTX, which is used to verify the peer per SSL_CTX_set_verify().

--
Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users