diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2015-05-30 01:29:48 -0400 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2015-06-07 23:33:32 -0400 |
commit | b8673bb9f05013eef1ae413e15ac995e9d215641 (patch) | |
tree | c10e1bbccc7f637641cad560388a2072de20899b /CHANGES | |
parent | 8f4791440a940cbc7bd5a911ae5344b117669dcc (diff) |
openssl: Fix verification of server-sent legacy intermediates
- Try building a chain using issuers in the trusted store first to avoid
problems with server-sent legacy intermediates.
Prior to this change server-sent legacy intermediates with missing
legacy issuers would cause verification to fail even if the client's CA
bundle contained a valid replacement for the intermediate and an
alternate chain could be constructed that would verify successfully.
https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
Diffstat (limited to 'CHANGES')
0 files changed, 0 insertions, 0 deletions