mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-01-29 18:22:11 +01:00
9733076fe0
* Fix with `WOLFSSL_ALT_CERT_CHAINS` to resolve issue with using a trusted intermediate to validate a partial chain. With the alt cert chain enabled a CA may fail with only `ASN_NO_SIGNER_E` and the connection is allowed if the peer's certificate validates to a trusted CA. Eliminates overly complex 1 deep error alternate chain detection logic. Resolves ZD 4525. * Refactor and cleanup of ProcessPeerPerts to combine duplicate code and improve code commenting. * Fix for CA path len check in `ParseCertRelative` to always check for self-signed case (was previously only in NO_SKID case). * Improvement to include self-signed flag in the DecodedCert struct.