CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/01/22 02:06:39
Modified files:
lib/libssl/src/crypto/x509: x509_d2.c x509_vfy.h
lib/libcrypto/crypto: Makefile shlib_version
Added files:
lib/libssl/src/crypto/x509: by_mem.c
Log message:
Add X509_STORE_load_mem() to load certificates from a memory buffer
instead of disk. OpenSSL didn't provide a built-in API from loading
certificates in a chroot'ed process that doesn't have direct access to
the files. X509_STORE_load_mem() provides a new backend that will be
used by libssl and libtls to implement such privsep-friendly
functionality.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
