[openssl-users] OpenSSL Security Advisory - CVE-2015-1793
matt at openssl.org
Fri Jul 10 21:10:37 UTC 2015
On 10/07/15 19:34, R C Delgado wrote:
> One further question. Can you please confirm that the alternative
> certificate chain feature is enabled by default? It seems to be implied
> in all emails regarding this matter, and I'm assuming the Advisory email
> would have mentioned it otherwise.
Yes, it is enabled by default.
> I've searched the OpenSSL code and seen that X509_V_FLAG_NO_ALT_CHAINS
> exists but is not set in the "flags" member by default when a new X509
> context is initialised. And my code does not modify the context to
> include this flag.
> Please let me know if I'm missing something.
> (I'm using OpenSSL 1.0.1o)
> Many thanks,
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
More information about the openssl-users