Hi, Good point, I'll look into that. Also, thanks for the reminder, that HOWTO needs a rewrite, badly.
Cheers Richard On Fri Jul 22 15:51:16 2016, msa...@nikhef.nl wrote: > Hi, > > unless I didn't look careful enough I think we might still be missing > the current_cert (and current_issuer) from the X509_STORE_CTX, as > advertised in > https://github.com/openssl/openssl/blob/master/doc/HOWTO/proxy_certificates.txt#L204 > and used in e.g. > https://github.com/italiangrid/voms/blob/master/src/sslutils/sslutils.c > and many other places for verifying the proxy chain or is there a > better/other solution for that? > > Best wishes, > Mischa > > On Fri, Jul 22, 2016 at 03:26:26PM +0000, Richard Levitte via RT > wrote: > > In addition to github PR 1294, there's now also PR 1339 which adds > > the function to set the EXFLAG_PROXY flag on a given certificate. > > > > Also, PR 1295 has been updated. Instead of a function that returns a > > lock, there is now a lock and an unlock function. > > > > To me, it seems that that covers what's being asked for. Perhaps not > > exactly (the setters are for X509_STORE only), but should be > > workable. > > > > (writing this from my mobile, sorry for the lack of github links) > > > > -- > > Richard Levitte > > levi...@openssl.org > > -- > > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4602 > > Please log in as guest with password guest if prompted > > > > -- > > To unsubscribe, send mail to 829272-unsubscr...@bugs.debian.org. -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4602 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
