On Wed, May 06, 2015 at 08:33:37PM +0300, Dmitry Belyavsky wrote:
> > > I would like to suggest a small patch providing the necessary check for
> > > RSA_METHOD_FLAG_NO_CHECK here.
> >
> > I am not convinced this change is correct. The function would then
> > not do what it is supposed to do. Th
Hello Victor,
On Wed, May 6, 2015 at 7:10 PM, Viktor Dukhovni
wrote:
> On Wed, May 06, 2015 at 05:58:31PM +0200, Dmitry Belyavsky via RT wrote:
>
> > It seems to me there is a bug in the SSL_CTX_check_private_key function.
> >
> > The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tri
On Wed, May 06, 2015 at 05:58:31PM +0200, Dmitry Belyavsky via RT wrote:
> It seems to me there is a bug in the SSL_CTX_check_private_key function.
>
> The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tries to
> check public/private key match.
I think that's deliberate and correct.
Hello Openssl team,
It seems to me there is a bug in the SSL_CTX_check_private_key function.
The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tries to
check public/private key match.
The only place in real code where this function is used is in
the set_cert_key_stuff function, just