Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
We don't need the decoded X.509 Full(0) certificate for the EE usages 1 and 3, because the leaf certificate is always part of the presented chain, so the certificate is only validated as well-formed, and then discarded, but the TLSA record is of course still used after the validation step. Added DANE test cases for: 3 0 0, 3 1 0, 1 0 0, and 1 1 0 Reported by Claus Assmann. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from #22821) (cherry picked from commit f636e7e)
- Loading branch information