Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2021-12-26 14:59:52 +0000
committer	jsing <>	2021-12-26 14:59:52 +0000
commit	4d9688185fced2e3bb90ecfac76d461ac4ba4f87 (patch)
tree	847bedf50fa08fd5c412462be452878d1906bb4e /src/lib/libcrypto/rsa/rsa_gen.c
parent	f3991a23718fe2fc0de808e49e6ccb3bb5c65a9c (diff)
download	openbsd-4d9688185fced2e3bb90ecfac76d461ac4ba4f87.tar.gz openbsd-4d9688185fced2e3bb90ecfac76d461ac4ba4f87.tar.bz2 openbsd-4d9688185fced2e3bb90ecfac76d461ac4ba4f87.zip

Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack.

Due to a wonderful API inconsistency, a client includes the peer's leaf certificate in the stored certificate chain, while a server does not. Found due to a haproxy test failure reported by Ilya Shipitsin. ok tb@

Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_gen.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: