cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCHES] CRL support and Issuer Check support patches

From: Arnaud Ebalard <>
Date: Mon, 09 Jun 2008 14:20:08 +0200


"Tor Arntsen" <> writes:

> On Fri, Jun 6, 2008 at 10:52 PM, Daniel Stenberg <> wrote:
>> On Mon, 2 Jun 2008, Arnaud Ebalard wrote:
>>> If everything is ok, next round will be against 7.18.2.
>> I've now applied your patches, modified for current CVS.
> It looks like this will only work for newer versions of OpenSSL, I'm
> not certain when the necessary functionality appeared in OpenSSL but
> at least it's not there in 0.9.6. It looks like
> 'X509_V_FLAG_CRL_CHECK' is the #define to look for to determine if the
> support is there. Possibly it would be enough to (to start with)
> #ifdef the patch in

You are correct. I just took a look at openssl CVSweb interface and the
flag was added to crypto/x509/x509_vfy.h 7 years ago ("2001-May-08
00:52"). This seems to require >= 0.9.7 (I downloaded 0.9.6h and 0.9.7,
it's in the second, not in the first).



  • application/pgp-signature attachment: stored
Received on 2008-06-09