In article <> you wrote:
>[...]
> And the depth check is done via
> | if (depth >= SSLVerifyDepth) error...
>[...]
> My opinion is that the depth counting is ok startinbg from 0 and intuitive.
> But the check should be
> | if (depth > SSLVerifyDepth) error...
>[...]
> Votes for the ">=" to ">" change and to document the depth calculation this
> way?
Still no votes from the hacker community?
Seems like no one uses SSLVerifyDepth... ;-)
Please say "this is a bad change, because..." now or
I'll change it this way for 2.1b9/2.1.0.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]