projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e0584e9) | patch
Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL
authorDavid von Oheimb <David.von.Oheimb@siemens.com>
Wed, 16 Aug 2017 18:00:05 +0000 (14:00 -0400)
committerRich Salz <rsalz@openssl.org>
Wed, 16 Aug 2017 18:32:38 +0000 (14:32 -0400)
commit121738d1cbfffa704eef4073510f13b419e6f08d
tree20df0658cc657091fc6888e01872aaa5d0516b72tree | snapshot
parente0584e96c1b37edeec0222e28b9c37f97c6bbc02commit | diff
Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL

Now the certs arg is not any more neglected when building the signer cert chain.
Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy.

See also http://rt.openssl.org/Ticket/Display.html?id=4620

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4124)
crypto/ocsp/ocsp_vfy.c diff | blob | history
test/ocsp-tests/ND1_Cross_Root.pem [new file with mode: 0644] blob
test/ocsp-tests/ND1_Issuer_ICA-Cross.pem [new file with mode: 0644] blob
test/recipes/80-test_ocsp.t diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.