Sorry, that's: x509_vfy.c:234. I added some debug statements and I can't type.
:)
Roughly, this loop:
/* We now lookup certs from the certificate store */
for (;;)
{
/* If we have enough, we break */
if (depth < num) break;
I have a set of cross certified CAs feeding a wireless Access Point and
supplicant. This structure will look a bit strange but that is by design
(testing). I have four CAs: CAa, CAb, CAc, and CAd.
My structure is:
CAd --> supplicant
|
|--> CAa -> CAb --> hostapd
> From: owner-openssl-...@openssl.org On Behalf Of sandeep kiran p
> Sent: Sunday, 05 December, 2010 06:01
Aside: this isn't a -dev question, -users would have been better.
> Did iis.cer get generated properly?
No, see below.
> On Fri, Dec 3, 2010 at 8:59 AM, Sudershan
On Mon, Dec 06, 2010, Jean-Marc Desperrier wrote:
> OpenSSL wrote:
>> OpenSSL Ciphersuite Downgrade Attack
>> =
>>
>> A flaw has been found in the OpenSSL SSL/TLS server code where an old bug
>> workaround allows malicous clients to modify the stored session cac
OpenSSL wrote:
OpenSSL Ciphersuite Downgrade Attack
=
A flaw has been found in the OpenSSL SSL/TLS server code where an old bug
workaround allows malicous clients to modify the stored session cache
ciphersuite. In some cases the ciphersuite can be downgraded t
