curl / Mailing Lists / curl-library / Single Mail


Re: OCSP and intermediate certs, libressl workaround no longer needed

From: Daniel Stenberg <>
Date: Tue, 13 Jun 2017 12:11:28 +0200 (CEST)

On Tue, 13 Jun 2017, Stuart Henderson via curl-library wrote:

> lib/vtls/openssl.c has a workaround for a bug with OCSP responses
> signed by intermediate certs, this was fixed in LibreSSL in
> Would it be appropriate to adjust the #ifdef to avoid the workaround?

It looks fine to me. I take it you've tested this code with a new enough
libressl version and seen it working too?

Received on 2017-06-13