Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
I looked at the patch and it's starting to become even more complicated. I really want to find the simplest solution for code maintainability purposes. This is especially import as 1.02 OpenSSL has very limited lifetime. So, I re-read the comments and one struck me that now does not make sense. The supposition here is that SSL_CTX_set1_cert_store() is used for all version of OpenSSL (i.e. the note was that it only exists for 1.1.1 and above) and that is true. But that is why that call is replaced by two equivalent calls SSL_CTX_set1_verify_cert_store() and SSL_CTX_set1_chain_cert_store() when dealing with older versions. So it should not matter if we are dealing with 1.0.1 or any version above it. Please see
https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set1_verify_cert_store.html
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1