On Wed, Sep 25, 2019 at 07:05:59PM +, Michael Wojcik wrote:
> Simon may correct me on this, and it may not be useful anyway; but if
> memory serves, it's currently being used to set the issuer on one invocation
> of the callback, so that on subsequent invocations for the same certificate
> the
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Viktor Dukhovni
>
> On Wed, Sep 25, 2019 at 11:22:26AM +, Simon Edwards wrote:
>
> > void X509_STORE_CTX_set0_current_issuer(X509_STORE_CTX *ctx, X509 *cert)
> > {
> >ctx->current_issuer = cert;
> > }
On Wed, Sep 25, 2019 at 11:22:26AM +, Simon Edwards wrote:
> void X509_STORE_CTX_set0_current_issuer(X509_STORE_CTX *ctx, X509 *cert)
> {
>ctx->current_issuer = cert;
> }
Can you provide a motivating use-case for this accessor? In
verification callbacks this lets you peek not o
Okay.
Thanks Matt, I didn't see that one in x509_vfy.c, I must look harder.
I will modify our own copy of OpenSSL1.1.1c to provide the missing functions
and open a PR on the master.
Simon Edwards
On 25/09/2019 12:31, Matt Caswell wrote:
On 25/09/2019 12:22, Simon Edwards wrote:
> void X5
On 25/09/2019 12:22, Simon Edwards wrote:
> void X509_STORE_CTX_set0_error(X509_STORE_CTX *ctx, int error) {
>
> ctx->error = error;
>
> }
This one already exists:
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
{
ctx->error = err;
}
Other missing accessors cou