git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 22 Mar 2015 17:34:56 +0000 (17:34 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 24 Mar 2015 12:12:49 +0000 (12:12 +0000)
commit	4ca5efc2874e094d6382b30416824eda6dde52fe
tree	4aaae06a4d179aa6d9328f801eacbdffd859caeb	tree \| snapshot
parent	86d20cb6fd3267a603a3e4ec549ef1113c13a374	commit \| diff

Make OCSP response verification more flexible.

If a set of certificates is supplied to OCSP_basic_verify use those in
addition to any present in the OCSP response as untrusted CAs when
verifying a certificate chain.

PR#3668

Reviewed-by: Matt Caswell <matt@openssl.org>

crypto/ocsp/ocsp_vfy.c

diff | blob | blame | history

A mirror of the official openssl repository

RSS Atom