mirror of https://github.com/acidanthera/audk.git
68547181f3
Since OpenSSL 1.0.2 we can set this flag on the X509_STORE to instruct OpenSSL to accept non-self-signed certificates as trusted. So we don't need two entirely identical copies of a verify_cb() function which makes it ignore the resulting errors. We also *didn't* use that verify_cb() function for X509VerifyCert(), but probably should have done. So that can get X509_V_FLAG_PARTIAL_CHAIN for consistency, too. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Reviewed-by: Qin Long <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18703 6f19259b-4bc3-4df7-8a09-765794883524 |
||
|---|---|---|
| .. | ||
| Application/Cryptest | ||
| CryptRuntimeDxe | ||
| Include | ||
| Library | ||
| .gitignore | ||
| Contributions.txt | ||
| CryptoPkg.dec | ||
| CryptoPkg.dsc | ||
| CryptoPkg.uni | ||
| CryptoPkgExtra.uni | ||
| License.txt | ||