Some dude named Tavis Ormandy reported a bug which has gone unfixed. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tedu <>	2014-04-18 15:03:20 +0000
committer	tedu <>	2014-04-18 15:03:20 +0000
commit	a5f0f1ea9ba11e04b25ddc912b591e1916a6610c (patch)
tree	72378c252e3573a08e5cdf77a046b709ae6a57b8 /src/lib/libcrypto/uid.c
parent	1c9078e645c831ab23c4e86eab52204af91e7461 (diff)
download	openbsd-a5f0f1ea9ba11e04b25ddc912b591e1916a6610c.tar.gz openbsd-a5f0f1ea9ba11e04b25ddc912b591e1916a6610c.tar.bz2 openbsd-a5f0f1ea9ba11e04b25ddc912b591e1916a6610c.zip

Some dude named Tavis Ormandy reported a bug which has gone unfixed.

http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been"

Diffstat (limited to 'src/lib/libcrypto/uid.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: