[Pkg-openssl-devel] Bug#829272: [openssl-dev] [openssl.org #4602] Missing accessors

Jan Just Keijser janjust at nikhef.nl
Wed Jul 20 16:57:48 UTC 2016


Hi Richard,

On 20/07/16 17:14, Richard Levitte via RT wrote:
> On Mon Jul 11 11:34:35 2016, mattias.ellert at physics.uu.se wrote:
>> I guess having a more restrictive accessor that only sets the
>> EXFLAG_PROXY bit could work. I suggested the more general solution of
>> having set/clear accessors for arbitrary flags since it was - well
>> more
>> general.
> So let me ask this in a different manner, does OpenSSL 1.1 still not set the
> EXFLAG_PROXY flag correctly? In what situations does that happen? That may be
> worth a bug report of its own.
>
this ties into my earlier question and example of verifying proxy 
certificates. What if I want to explicitly *set* the EXFLAG_PROXY for a 
stack of certificates? how would I do that? how can I ensure that 
OpenSSL 1.1 will automagically trigger this flag for me? Is there a 
'get_*' function to determine which flags were set during certificate 
verification?

thanks for any pointers or advice,

JJK / Jan Just Keijser



More information about the Pkg-openssl-devel mailing list