Author christian.heimes
Recipients asmodai, chet, christian.heimes, dsoprea, dstufft, jcea, joernheissler, maker, miki725, mmasztalerczuk, pitrou, underrun
Date 2017-09-06.21:42:30
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1504734150.25.0.969848477715.issue18233@psf.upfronthosting.co.za>
In-reply-to
Content
Yes, from an application perspective there is an import difference between X509_STORE_CTX_get1_chain() and SSL_get0_verified_chain(). X509_STORE_CTX is a temporary object. It is only available during the handshake and while the trust chain is built and verified. Once the chain is verified, it is no longer available.

SSL_get0_verified_chain() sounds like an actual good solution. Thanks for pointing it out.
History
Date User Action Args
2017-09-06 21:42:30christian.heimessetrecipients: + christian.heimes, jcea, pitrou, asmodai, maker, underrun, dstufft, dsoprea, miki725, mmasztalerczuk, chet, joernheissler
2017-09-06 21:42:30christian.heimessetmessageid: <1504734150.25.0.969848477715.issue18233@psf.upfronthosting.co.za>
2017-09-06 21:42:30christian.heimeslinkissue18233 messages
2017-09-06 21:42:30christian.heimescreate