Hi Stephen, > > [EMAIL PROTECTED] - Thu Nov 06 09:19:52 2008]: > > > > Why not increase the default, say, to 100 instead, as Globus did? > > > > > > What did they actually change? > > Changing the line: > > 9, /* depth */ > > in x509_vpm.c should do the trick. Can you confirm this works?
Globus calls SSL_CTX_set_verify_depth() with a value of 100: http://viewcvs.globus.org/viewcvs.cgi/gsi/callback/source/library/globus_gsi_callback_constants.h?r1=1.7&r2=1.8 So, if that call exactly overrides the value 9 in x509_vpm.c, then setting it to 100 would be equivalent to the Globus fix. I hope the hardcoded depth does not appear in more places? Thanks, Maarten ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]