Please do not reply to this email- if you want to comment on the bug, go to the URL shown below and enter your comments there.
Changed by [EMAIL PROTECTED] http://bugzilla.ximian.com/show_bug.cgi?id=80557 --- shadow/80557 2007-01-29 10:21:28.000000000 -0500 +++ shadow/80557.tmp.26258 2007-05-10 11:17:59.000000000 -0400 @@ -61,6 +61,19 @@ certificate store. ------- Additional Comments From [EMAIL PROTECTED] 2007-01-29 10:21 ------- Created an attachment (id=18570) new Server.TlsClientCertificate patch. The previous patch handled the length field incorrectly + +------- Additional Comments From [EMAIL PROTECTED] 2007-05-10 11:17 ------- +The server side patch isn't correct. X509Chain is initialized with a +potentially empty chain. In this case the engine will use the (empty) +supplied chain and fail - unless the leaf is signed with a trusted +root (no intermediates). + +The solution I made is to have a dual path: if a chain is available +use it, otherwise let the engine build its own chain (from the +stores). However this won't work if a partial chain is used. + +I'll test the updated patch on my side and if it's still works +(chain-less) I'll attach it so you can test it on your side (chain). _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
