git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit - apps/cmp.c

projects / thirdparty / openssl.git / commit

author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Fri, 28 Aug 2020 10:11:31 +0000 (12:11 +0200)
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Thu, 10 Sep 2020 05:07:55 +0000 (07:07 +0200)
commit	a0745e2be6635ffdf286ba5bc3bd867c8d4152a9
tree	00d93474fb208fba1ce021a5a82d1effb933535b	tree \| snapshot
parent	474853c39a2b631f9f401df32834043500081b7c	commit \| diff

Clean up CMP chain building for CMP signer, TLS client, and newly enrolled certs

* Use strenghtened cert chain building, verifying chain using optional trust store
while making sure that no certificate status (e.g., CRL) checks are done
* Use OSSL_CMP_certConf_cb() by default and move its doc to OSSL_CMP_CTX_new.pod
* Simplify certificate and cert store loading in apps/cmp.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12741)

apps/cmp.c		diff \| blob \| blame \| history
crypto/cmp/cmp_client.c		diff \| blob \| blame \| history
crypto/cmp/cmp_ctx.c		diff \| blob \| blame \| history
crypto/cmp/cmp_local.h		diff \| blob \| blame \| history
crypto/cmp/cmp_protect.c		diff \| blob \| blame \| history
doc/internal/man3/ossl_cmp_msg_protect.pod		diff \| blob \| blame \| history
doc/man1/openssl-cmp.pod.in		diff \| blob \| blame \| history
doc/man3/OSSL_CMP_CTX_new.pod		diff \| blob \| blame \| history
doc/man3/OSSL_CMP_exec_certreq.pod		diff \| blob \| blame \| history

A mirror of the official openssl repository

RSS Atom