>When the porting-patch doesn't clutter too much original source code, it's
>always interested to incorporate it, of course. Post the patch and let us
>look at it.
This being the first open source project I've ever been interested in, I'm
not sure what format you the patch in, or if I just gzip the whole thing to
an FTP server, etc.. Maybe someone could send me private email to point me
in the right direction.
>> 4) Are there any plans to support chained certificates? This is an area
>> that I'm willing to contribute some time to, if there is interest (an
>> nobody has already done it).
>
>Sorry, I don't know what exactly you mean with "chained certificates".
>SSLeay/OpenSSL always supported certificate chains because that's how the
>X.509 certificate systems works.
I'm thinking about Netscape certificates or PKCS#7 certificates, which
contain not only the subject cert but also the signer cert and possibly
intermediate signer cert(s). In SSLeay 0.9.0, calling
SSL_CTX_use_certificate_ASN1() with a PKCS#7/NS cert chain results in an
error.
Maybe there's another way to do it by using the x509.h calls directly, but
certain aspects of the library are, shall we day, "lightly" documented.
cjh
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
CJ Holmes It is completely configurable -
StarNine you just can't change the settings.
Senior Software Engineer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
