mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 01:50:47 +02:00
1cdf37f321
- ProcessUserChain: enforce MAX_CHAIN_DEPTH after a cert is parsed, so a full-depth chain followed by trailing data still loads instead of failing with MAX_CHAIN_ERROR. - SendCertificateStatus: error on an over-long OCSP chain instead of silently truncating the stapled response; keep the chainOcspRequest[] index bound. - wc_PKCS7_DecodeAuthEnvelopedData: bounds-check the authTag tag read under NO_PKCS7_STREAM. - Tests: chain-depth test now pins the boundary (exactly MAX_CHAIN_DEPTH loads, one more rejected).
Before creating any new configure files (.conf) read the CONF_FILES_README.md