mirror of
https://github.com/openssl/openssl.git
synced 2024-12-18 22:43:41 +08:00
f75b34c8c8
Since with SSL_VERIFY_NONE, the connection may continue and the session may even be cached, we should save some evidence that the chain was not sufficiently verified and would have been rejected with SSL_VERIFY_PEER. To that end when a CT callback returs failure we set the verify result to X509_V_ERR_NO_VALID_SCTS. Note: We only run the CT callback in the first place if the verify result is still X509_V_OK prior to start of the callback. RT #4502 Reviewed-by: Tim Hudson <tjh@openssl.org> |
||
---|---|---|
.. | ||
apps | ||
crypto | ||
HOWTO | ||
ssl | ||
dir-locals.example.el | ||
fingerprints.txt | ||
openssl-c-indent.el | ||
README |
README This file fingerprints.txt PGP fingerprints of authoried release signers standards.txt Moved to the web, https://www.openssl.org/docs/standards.html HOWTO/ A few how-to documents; not necessarily up-to-date apps/ The openssl command-line tools; start with openssl.pod ssl/ The SSL library; start with ssl.pod crypto/ The cryptographic library; start with crypto.pod Formatted versions of the manpages (apps,ssl,crypto) can be found at https://www.openssl.org/docs/manpages.html