[Pkg-openssl-devel] Bug#829272: [openssl-dev] [openssl.org #4602] Missing accessors
Jan Just Keijser
janjust at nikhef.nl
Wed Jul 20 16:57:48 UTC 2016
Hi Richard,
On 20/07/16 17:14, Richard Levitte via RT wrote:
> On Mon Jul 11 11:34:35 2016, mattias.ellert at physics.uu.se wrote:
>> I guess having a more restrictive accessor that only sets the
>> EXFLAG_PROXY bit could work. I suggested the more general solution of
>> having set/clear accessors for arbitrary flags since it was - well
>> more
>> general.
> So let me ask this in a different manner, does OpenSSL 1.1 still not set the
> EXFLAG_PROXY flag correctly? In what situations does that happen? That may be
> worth a bug report of its own.
>
this ties into my earlier question and example of verifying proxy
certificates. What if I want to explicitly *set* the EXFLAG_PROXY for a
stack of certificates? how would I do that? how can I ensure that
OpenSSL 1.1 will automagically trigger this flag for me? Is there a
'get_*' function to determine which flags were set during certificate
verification?
thanks for any pointers or advice,
JJK / Jan Just Keijser
More information about the Pkg-openssl-devel
mailing list