On 02/01/2016 02:32 PM, openssl-dev@openssl.org via RT wrote: > Please be more explicit about what errors you feel were not reported.
One specific error mentioned during the previous discussion was "expired certificate". This was ~four years ago, so my recollection may be faulty, but I believe that was _not_ the only hidden error. Back then, Stephen Henson semi-confirmed that some errors were hidden [because they were considered meaningless], so I hope we did not misdiagnose the issue. I do not know whether the code has changed since then. If you have not seen the previous discussion, you can see it at [1] but there is probably a better/RT-specific place for that (which I do not have access to). [1] http://openssl.6102.n7.nabble.com/openssl-org-2768-Bug-internal-verify-hides-errors-from-callbacks-after-X509-V-ERR-UNABLE-TO-VERIFY-LE-td34778.html HTH, Alex. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev