diff options
author | Reyk Floeter <reyk@cvs.openbsd.org> | 2015-01-22 09:12:58 +0000 |
---|---|---|
committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2015-01-22 09:12:58 +0000 |
commit | f266595e8e39b262d34c368300f37fa3d65c2056 (patch) | |
tree | 2693293827513618b855f05d097654f5b18332a0 /distrib | |
parent | 95262274638215e40e3818f633d4cccb72b1c62a (diff) |
Support CA verification in chroot'ed processes without direct file
access to the certificates. SSL_CTX_load_verify_mem() is a frontend
to the new X509_STORE_load_mem() function that allows to load the CA
chain from a memory buffer that is holding the PEM-encoded files.
This function allows to handle the verification in privsep'ed code.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
Diffstat (limited to 'distrib')
0 files changed, 0 insertions, 0 deletions