projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 117476b) | patch
Make OCSP response verification more flexible.
authorDr. Stephen Henson <steve@openssl.org>
Sun, 22 Mar 2015 17:34:56 +0000 (17:34 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 24 Mar 2015 12:14:32 +0000 (12:14 +0000)
commitd635f4bb36ed65340f288822738f65e3c8d16af8
treee7e2e9586179106b3ae56d56b265a3d407f40685tree | snapshot
parent117476ba30f6afa3a634c2e2c4860d59fbe06572commit | diff
Make OCSP response verification more flexible.

If a set of certificates is supplied to OCSP_basic_verify use those in
addition to any present in the OCSP response as untrusted CAs when
verifying a certificate chain.

PR#3668

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4ca5efc2874e094d6382b30416824eda6dde52fe)
crypto/ocsp/ocsp_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.