git.librecmc.org Git - oweals/openssl.git/commit

author	David von Oheimb <David.von.Oheimb@siemens.com>
	Wed, 16 Aug 2017 18:00:05 +0000 (14:00 -0400)
committer	Rich Salz <rsalz@openssl.org>
	Wed, 16 Aug 2017 18:36:48 +0000 (14:36 -0400)
commit	bfb10f970f792bf4a13fc6244b8752e70589b9c6
tree	1b9ef7757bd0d51b72c0070a1fdf65a3570661f3	tree \| snapshot
parent	e7f235768d0c218657d06db625478dbdf4e1290f	commit \| diff

Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL

Now the certs arg is not any more neglected when building the signer cert chain.
Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy.

See also http://rt.openssl.org/Ticket/Display.html?id=4620

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4124)

(cherry picked from commit 121738d1cbfffa704eef4073510f13b419e6f08d)

crypto/ocsp/ocsp_vfy.c		diff \| blob \| history
test/ocsp-tests/ND1_Cross_Root.pem	[new file with mode: 0644]	blob
test/ocsp-tests/ND1_Issuer_ICA-Cross.pem	[new file with mode: 0644]	blob
test/recipes/80-test_ocsp.t		diff \| blob \| history