Ben Kaduk:
Do we know the values that are being passed to SSL_CTX_set_Verify_depth() match
the -verify_depth argument, or do they differ?
If they differ, do identical arguments to the function behave the same in 1.1.0
and 1.0.2?
Viktor:
What we’re getting at here, is that this appears to be a
> On Apr 3, 2017, at 4:26 PM, Benjamin Kaduk wrote:
>
> There was a fair amount of churn in x509_vfy.c with the inclusion
> of the DANE stuff and whatnot, so it's not immediately clear to me
> when this change actually happened. I think there are good
> arguments for the
Hi all,
We noticed that the depth limit check seems to behave differently
between 1.0.2 and 1.1.0.
In particular, with a (1.1.0)
openssl/test$ ../util/shlib_wrap.sh ../apps/openssl s_server -port 8080
-cert certs/ee-cert.pem -certform PEM -key certs/ee-key.pem -keyform PEM
-no-CApath -CAfile