subject:"\[Openvpn\-devel\] \[PATCH\] Disable certificate notBefore\/notAfter sanity check on OpenSSL

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-15 Thread Steffan Karger

Hi, On Tue, Dec 15, 2015 at 6:24 PM, Jan Just Keijser wrote: > ah well, in that case I would simply write out get0_certificate again: the > code for that function actually is: > > 3011 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx) > 3012 { > 3013 if (ctx->cert !=

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-15 Thread Jan Just Keijser

Hi, On 15/12/15 13:21, Steffan Karger wrote: The SSL_CTX_get0_certificate() function I used in 091edd8e is available in OpenSSL 1.0.2+ only. Older versions seem to not have a useful alternative. The remaining option would then be to create a cache for our parsed certificate, but that would

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-15 Thread Jan Just Keijser

Hi, On 15/12/15 10:12, Steffan Karger wrote: Hi, On Tue, Dec 15, 2015 at 9:42 AM, Jan Just Keijser wrote: On 14/12/15 23:14, Steffan Karger wrote: The SSL_CTX_get0_certificate() function I used in 091edd8e is available in OpenSSL 1.0.2+ only. Older versions seem to not

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-15 Thread Steffan Karger

Hi, On Tue, Dec 15, 2015 at 9:42 AM, Jan Just Keijser wrote: > On 14/12/15 23:14, Steffan Karger wrote: >> The SSL_CTX_get0_certificate() function I used in 091edd8e is available in >> OpenSSL 1.0.2+ only. Older versions seem to not have a useful >> alternative. >> The

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-15 Thread Jan Just Keijser

Hi, On 14/12/15 23:14, Steffan Karger wrote: The SSL_CTX_get0_certificate() function I used in 091edd8e is available in OpenSSL 1.0.2+ only. Older versions seem to not have a useful alternative. The remaining option would then be to create a cache for our parsed certificate, but that would

[Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

2015-12-14 Thread Steffan Karger

The SSL_CTX_get0_certificate() function I used in 091edd8e is available in OpenSSL 1.0.2+ only. Older versions seem to not have a useful alternative. The remaining option would then be to create a cache for our parsed certificate, but that would mean adding more struct members and code for the

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

Re: [Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

[Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

6 matches

Site Navigation

Mail list logo

Footer information