How so? The test results https://testing.libreswan.org/ from the commit https://testing.libreswan.org/v3.27-603-g9bc2e4e7f-master/ and test run https://testing.libreswan.org/v3.27-603-g9bc2e4e7f-master/x509-pluto-05/OUTPUT/ show the test passing.
On Sat, 9 Nov 2019 at 16:43, Paul Wouters <[email protected]> wrote: > > > This commit: > > commit 9bc2e4e7f61ec5e4bfd303614974559ce389fbf4 > Author: Andrew Cagney <[email protected]> > Date: Sun Jan 13 16:17:09 2019 -0500 > > x509: eliminate VERIFY_RET* replacing verify_and_cache_chain() with > find_and_verify_certs() > > > > introduced this code: > > if (!pexpect(root_certs != NULL) || CERT_LIST_EMPTY(root_certs)) { > libreswan_log("No Certificate Authority in NSS Certificate > DB! Certificate payloads discarded."); > return NULL; > } > > This broke x509-pluto-05 that uses two selfsigned certs without CA. > > Paul > > _______________________________________________ > Swan-dev mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan-dev _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
