On 06/10/2013 03:16 PM, Amos Jeffries wrote: > On 8/06/2013 4:20 a.m., Tsantilas Christos wrote: >> This patch modify squid cert validation subsystem to sent to cert >> validator helper the complete certificates chain, not only the >> certificates sent by web server. This is may not be possible in all >> cases, for example in cases where the root certificate is not stored >> locally. >> >> This is a Measurement Factory project >> > > in globals.h: > * please do not add any new entries in globals.h - we are trying to > remove things from there.
I am suggesting to leave it here for this patch, and then with a separate patch remove all similar entries from global.h to ssl/support.h file (or the opposite, move from global.h similar entries and then apply this patch) > > * can you please also use the wrapper types provided in > src/ssl/gadgets.h. ie X509_STACK_Pointer for things like STACK_OF(X509) > and avoiding use of raw pointers to OpenSSL internal types? Amos, it will not help anywhere, and also my sense is that it will make the code worst ... > > Amos >
