I'll look at it in a few days. Right now, I feel unsure about all the implications of such a change.
[EMAIL PROTECTED] - Fri Jul 11 21:14:39 2003]: > > OPENSSL VERSION: 0.9.6j > PLATFORM: all > SEVERITY: minor > > In x509_vfy.c:X509_verify_cert, there are some cases where an error > occurs and ctx->error is set, but the error isn't added to the error > stack (with X509err). The only cases where this happens are when the > verify callback is called (so that it can potentially handle or ignore > the error), but if the callback fails (returns 0), the error still isn't > added to the openssl error stack. It would be nice to get the error > info (file, line number, etc.) from that error, by calling > X509err(X509_F_ERR_VERIFY_CERT, ctx->error) if the callback fails. > > > -- Richard Levitte [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]