On 07/29/2012 07:53 AM, Kurt Roeckx wrote: > On Thu, Sep 22, 2011 at 10:15:50AM +0200, Loïc Minier wrote: >> Just thought of another minor issue with the new c_rehash handling >> multiple certs in the same file: when a piece of software follows the >> hashed symlink, the certificate it's looking for might not be the first >> one. Is this verified to work with gnutls and openssl implementations? >> I wonder whether this could confuse some software in Debian that might >> be using the ssl API in a way that only the first certificate is tried. > > So I would like to drop the patch, but cacert.org.pem still > contains 2 cert files. > > Michael, could you please consider splitting that file?
I'll take a look at this. I don't recall the reason for combining those off the top of my head, but I'll work on this as soon as I can. Were you targeting the patch removal from openssl for Wheezy? -- Kind regards, Michael -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
