The attached patch has been diff'd against the 0.9.7c branch of code, and adds an extra check in the function X509_check_issued(). The check is only performed if the supplied Subject Cert is a self-signed certificate, in which case it checks that the supplied Issuer Cert is exactly the same.
This allows the function to return correct results in a situation where someone has multiple self-signed certificates with the same Subject DN. It also copes if they have the same Serial Number as well. - DR ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
