Message281237
When I was stepping through, this callback avoided all of those lookups, so I don't understand how it's being called too late?
This approach basically takes the entire raw certificate and lets the OS do whatever it needs. OpenSSL doesn't ever have to crack it open at all (or at least when it does, it can assume the whole chain is trusted).
What am I missing here? I've got no doubt I'm missing something, as OpenSSL is possibly the most complicated code I've ever seen :) |
|
Date |
User |
Action |
Args |
2016-11-20 00:44:42 | steve.dower | set | recipients:
+ steve.dower, christian.heimes, ned.deily |
2016-11-20 00:44:42 | steve.dower | set | messageid: <1479602682.63.0.483594270933.issue28747@psf.upfronthosting.co.za> |
2016-11-20 00:44:42 | steve.dower | link | issue28747 messages |
2016-11-20 00:44:42 | steve.dower | create | |
|