[Pkg-openssl-devel] Bug#829272: Missing accessors
Mischa Salle
msalle at nikhef.nl
Fri Jul 22 15:45:25 UTC 2016
Hi,
unless I didn't look careful enough I think we might still be missing
the current_cert (and current_issuer) from the X509_STORE_CTX, as
advertised in
https://github.com/openssl/openssl/blob/master/doc/HOWTO/proxy_certificates.txt#L204
and used in e.g.
https://github.com/italiangrid/voms/blob/master/src/sslutils/sslutils.c
and many other places for verifying the proxy chain or is there a
better/other solution for that?
Best wishes,
Mischa
On Fri, Jul 22, 2016 at 03:26:26PM +0000, Richard Levitte via RT wrote:
> In addition to github PR 1294, there's now also PR 1339 which adds the function to set the EXFLAG_PROXY flag on a given certificate.
>
> Also, PR 1295 has been updated. Instead of a function that returns a lock, there is now a lock and an unlock function.
>
> To me, it seems that that covers what's being asked for. Perhaps not exactly (the setters are for X509_STORE only), but should be workable.
>
> (writing this from my mobile, sorry for the lack of github links)
>
> --
> Richard Levitte
> levitte at openssl.org
> --
> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4602
> Please log in as guest with password guest if prompted
>
> --
> To unsubscribe, send mail to 829272-unsubscribe at bugs.debian.org.
--
Nikhef Room H155
Science Park 105 Tel. +31-20-592 5102
1098 XG Amsterdam Fax +31-20-592 5155
The Netherlands Email msalle at nikhef.nl
__ .. ... _._. .... ._ ... ._ ._.. ._.. .._..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3382 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20160722/82241b51/attachment.bin>
More information about the Pkg-openssl-devel
mailing list