components/openssl/openssl-1.0.1/patches/33_cert_chain.patch
branchs11u2-sru12-backport
changeset 4641 9b43e26833bf
parent 4529 a1c54f9eb8de
--- a/components/openssl/openssl-1.0.1/patches/33_cert_chain.patch	Tue Jun 30 10:45:07 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/33_cert_chain.patch	Mon Jul 13 18:54:56 2015 -0700
@@ -61,10 +61,10 @@
 +
  int X509_verify_cert(X509_STORE_CTX *ctx)
  {
-     X509 *x, *xtmp, *chain_ss = NULL;
+     X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
 @@ -304,8 +331,17 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
- 
-     /* we now have our chain, lets check it... */
+         }
+     } while (retry);
  
 -    /* Is last certificate looked up self signed? */
 -    if (!ctx->check_issued(ctx, x, x)) {
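Review bot: The inner hunk header `@@ -304,8 +331,17 @@ int X509_verify_cert(X509_STORE_CTX *ctx)` is carried over unchanged although its leading context now ends at `} while (retry);` instead of the `/* we now have our chain, lets check it... */` comment, so its line offsets probably still describe the previous upstream file. The same applies to `@@ -406,6 +406,9 @@` in the x509_vfy.h hunk further down. Regenerating the patch against the new base would let it apply with no offset or fuzz (with GNU patch, `--fuzz=0`), which matters here because this hunk replaces the self-signed check that follows the chain-building loop. The body of X509_verify_cert continues outside the hunk, so how the partial-chain branch behaves after a retry cannot be judged from these lines. A regression test that sets X509_V_FLAG_PARTIAL_CHAIN while an alternate chain exists would cover that interaction.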
@@ -185,8 +185,8 @@
 --- openssl/crypto/x509/x509_vfy.h    26 Sep 2012 13:50:42 -0000    1.67.2.3.4.1
 +++ openssl/crypto/x509/x509_vfy.h    14 Dec 2012 14:30:46 -0000    1.67.2.3.4.2
 @@ -406,6 +406,9 @@
- /* Check selfsigned CA signature */
- # define X509_V_FLAG_CHECK_SS_SIGNATURE          0x4000
+  */
+ # define X509_V_FLAG_NO_ALT_CHAINS               0x100000
  
 +/* Allow partial chains if at least one certificate is in trusted store */
 +# define X509_V_FLAG_PARTIAL_CHAIN               0x80000
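Review bot: The comment above `X509_V_FLAG_PARTIAL_CHAIN` understates the effect on trust decisions; going by the removed self-signed check in the x509_vfy.c hunk, the chain no longer has to end at a self-signed root. Something like `/* Allow partial chains: verification may stop at any certificate found in the trusted store, which then acts as a trust anchor even if it is not self-signed */` would make that explicit for callers. The value 0x80000 does not overlap the 0x100000 of `X509_V_FLAG_NO_ALT_CHAINS` in the visible lines. The rest of the flag list is outside the hunk, so it is worth confirming that no other flag in the rebased header already uses that bit.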