Open Fethbita opened 5 months ago
If you dont mind me asking, how would you use the X509_STORE_CTX_set_verify_cb
in a potential solution to this problem?
@tzippy84 As I explained in the https://github.com/sfackler/rust-openssl/issues/2220 issue, with this callback function we can check the error that is passed, and if it is X509_V_ERR_EC_KEY_EXPLICIT_PARAMS
then we can return false. That would make the x509_vfy.c#172 check invalid (it would not return) and the code would continue running.
Master List verification fails during master list parsing with the following error:
This error is caused by openssl and there are issues for this created in
openssl
GitHub: https://github.com/openssl/openssl/issues/9286 https://github.com/openssl/openssl/issues/20117 https://github.com/openssl/openssl/issues/20119 however it seems that there won't be an solution implemented anytime soon. The solution that can be currently implemented is to use theX509_STORE_CTX_set_verify_cb
function, however that one is not exposed by rust-openssl. An issue for exposing this function is created inrust-openssl
GitHub: https://github.com/sfackler/rust-openssl/issues/2220.