On 06/10/2013 03:16 PM, Amos Jeffries wrote:
> On 8/06/2013 4:20 a.m., Tsantilas Christos wrote:
>> This patch modify squid cert validation subsystem to sent to cert
>> validator helper the complete certificates chain, not only the
>> certificates sent by web server. This is may not be possible in all
>> cases, for example in cases where the root certificate is not stored
>> locally.
>>
>> This is a Measurement Factory project
>>
>
> in globals.h:
> * please do not add any new entries in globals.h - we are trying to
> remove things from there.
I am suggesting to leave it here for this patch, and then with a
separate patch remove all similar entries from global.h to ssl/support.h
file (or the opposite, move from global.h similar entries and then apply
this patch)
>
> * can you please also use the wrapper types provided in
> src/ssl/gadgets.h. ie X509_STACK_Pointer for things like STACK_OF(X509)
> and avoiding use of raw pointers to OpenSSL internal types?
Amos, it will not help anywhere, and also my sense is that it will make
the code worst ...
>
> Amos
>
Received on Mon Jun 10 2013 - 16:31:43 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 18 2013 - 12:00:08 MDT