We've fixed x509vfy.c patch. The problem was in two typos in recursion
calls. New version is attached.
Great! Now all the tests pass. Last thing I would like to understand is
what this patch is doing :) It seems like it changes the trusted
certificates processing a little bit:
- now xmlsec always looks at both trusted certs in the manager and in
the system;
- with this patch, xmlsec will not look at the system trusted certs
if there are trusted certs in manager.
Is this correct? Am I missing something else?
Yes, it seems to be correct.
Hm... Any particular reason for this? It seems to me that if you have
trusted certs then you need to use *all* of them. Plus I am a little
bit afraid that this might screw existing applications.
Aleksey
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
