git.ipfire.org Git - thirdparty/openssl.git/commit

author	Christian Heimes <christian@python.org>
	Tue, 30 Mar 2021 10:02:42 +0000 (12:02 +0200)
committer	Pauli <pauli@openssl.org>
	Thu, 8 Apr 2021 22:32:38 +0000 (08:32 +1000)
commit	dfccfde06562ac87fe5e5f9401ba86cad050d9a2
tree	3290e4012045649bc3b4d26b745d8ff7e42fcc92	tree \| snapshot
parent	6d9e045ef724df0ddc8c8f66dcfdff4f8ba0bc03	commit \| diff

Inherit hostflags verify params even without hosts

X509_VERIFY_PARAM_inherit() now copies hostflags independently of hosts.

Previously hostflags were only copied when at least one host was set.
Typically applications don't configure hosts on SSL_CTX. The change
enables applications to configure hostflags on SSL_CTX and have OpenSSL
copy the flags from SSL_CTX to SSL.

Fixes: https://github.com/openssl/openssl/issues/14579
Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14743)

crypto/x509/x509_vpm.c		diff \| blob \| blame \| history
test/sslapitest.c		diff \| blob \| blame \| history