git.ipfire.org Git - thirdparty/freeradius-server.git/commit

]> git.ipfire.org Git - thirdparty/freeradius-server.git/commit

projects / thirdparty / freeradius-server.git / commit

author	Nick Porter <nick@portercomputing.co.uk>
	Thu, 5 Dec 2024 13:06:51 +0000 (13:06 +0000)
committer	Nick Porter <nick@portercomputing.co.uk>
	Thu, 5 Dec 2024 13:19:08 +0000 (13:19 +0000)
commit	1eb61bce49ddc4e8fc02adc7a5aa5bbd466718c1
tree	18f3b1ad3b4198c90954e0713f2aa32ac15eb479	tree \| snapshot
parent	59b54a07caee6d506220764a0de0b7d41ab2b5bc	commit \| diff

Correct handling of "untrusted" certs

OpenSSL calls all certificates presented by a client that aren't in the
local trust store "untrusted".

Therefore when verifying a client certificate, that will always be
untrusted - so we only have untrusted CAs in the chain if there is more
than one untrusted certificate.

src/main/tls.c

diff | blob | blame | history

Mirror of https://github.com/FreeRADIUS/freeradius-server.git

RSS Atom