From f525bc4ca5d1ba59eeee4beb070687c8a7d0c0bb Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Thu, 30 Sep 2021 18:26:16 +0000
Subject: Enable X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier.

In order to work around the expired DST Root CA X3 certficiate, enable
X509_V_FLAG_TRUSTED_FIRST in the legacy verifier. This means that the
default chain provided by Let's Encrypt will stop at the ISRG Root X1
intermediate, rather than following the DST Root CA X3 intermediate.

Note that the new verifier does not suffer from this issue, so only a
small number of things will hit this code path.

ok millert@ robert@ tb@

this is errata 6.8/032_cert.patch
---
 src/lib/libcrypto/x509/x509_vpm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
index d4715228dc..5306fb8a54 100644
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vpm.c,v 1.22.4.1 2021/02/03 07:06:13 tb Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.22.4.2 2021/09/30 18:26:16 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
@@ -596,6 +596,7 @@ static const X509_VERIFY_PARAM_ID _empty_id = { NULL };
 static const X509_VERIFY_PARAM default_table[] = {
 	{
 		.name = "default",
+		.flags = X509_V_FLAG_TRUSTED_FIRST,
 		.depth = 100,
 		.trust = 0,  /* XXX This is not the default trust value */
 		.id = vpm_empty_id
-- 
cgit v1.2.3-55-g6feb