comparison finch/libgnt/test/parse.c @ 31401:27c56e6b5fa6

Our certificate code is generally designed around no two CA certificates having the same DN. Unfortunately this breaks when have multiple distinct intermediate certificates with the same DN, such as when we want to validate against MSN intermediate CAs. This change allows us to verify against any one of multiple CA certificates with the same DN, instead of relying on a) luck from reading from disk in the "right" order or b) black magic from NSS reconstructing a valid chain on connection attempts after CA pool initialization is complete.
author Stu Tomlinson <stu@nosnilmot.com>
date Tue, 23 Nov 2010 01:56:12 +0000
parents 5f204f55af09
children
comparison
equal deleted inserted replaced
31400:43af903bd816 31401:27c56e6b5fa6