[openssl-dev] [openssl.org #4602] Missing accessors
Richard Levitte
levitte at openssl.org
Wed Aug 3 14:10:16 UTC 2016
In message <20160803.154155.2198714958292922881.levitte at openssl.org> on Wed, 03 Aug 2016 15:41:55 +0200 (CEST), Richard Levitte <levitte at openssl.org> said:
levitte> In message <20160803131344.GB2380 at nikhef.nl> on Wed, 3 Aug 2016 15:13:44 +0200, Mischa Salle <msalle at nikhef.nl> said:
levitte>
levitte> msalle> By the way, even for RFC proxies I still have the problem that setting
levitte> msalle> the flag X509_V_FLAG_CRL_CHECK (and X509_V_FLAG_CRL_CHECK_ALL) to do CRL
levitte> msalle> checking results in a failure. I haven't looked yet what causes it, but
levitte> msalle> that flag should be ignored for proxy certificates in my opinion.
levitte> msalle> Perhaps I'm doing something wrong...?
levitte>
levitte> I believe you've found a bug! Thanks.
I'm attaching the fix I came up with. Please try it out and see if
things work better.
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: x509_vfy.c.patch
Type: text/x-patch
Size: 842 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160803/2bf6ce58/attachment.bin>
More information about the openssl-dev
mailing list