#3903: Rework OpenSSL certificate verification to support alternative chains
--------------------------+----------------------
Reporter: kempniu | Owner: mutt-dev
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: crypto | Version:
Resolution: | Keywords:
--------------------------+----------------------
Comment (by kevin8t8):
Note that for OpenSSL 1.1, the X509_STORE_CTX is opaque. I grabbed the
length of the cert chain using
{{{
chain_len = sk_X509_num (X509_STORE_CTX_get0_chain (ctx));
}}}
and passed that to interactive_cert_check() instead.
A few simple tests worked fine for me. Overall, I like the patch and
appreciate the simplification.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3903#comment:4>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
