> Well in the short term some kind of evil hack will be needed by an > application. This would involve messing around with the internals of the > X509_STORE and normally you shouldn't go near those. However in this case you > haven't got any choice. > > In outline you'd create an X509_OBJECT for each cert and manually sk_push() > each onto the X509_STORE internal STACK. Then they will just be added and no > sorting will take place. The first lookup will sort them anyway. > > A better solution medium term would be to fix the X509_STORE_add_cert() so it > doesn't re-sort on each call. It should be possible to add a new stack > function that can efficiently add a new member to an already sorted STACK by > quickly finding where it should go. > > Longer term X509_STORE et al wants junking entirely and something nicer put in > its place: its horribly broken.
Well... do what you need to do. I'm going with the evil short-term hack cause the alternative is our user base sitting their twiddling their thumbs looking up the number of the sales guy that sold them crappy app that hangs for 10 minutes :-) cj ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
