[xmlsec] Re: GOST support in xmlsec

Dmitry Belyavsky beldmit at cryptocom.ru
Wed Feb 15 00:05:08 PST 2006


On Tue, 14 Feb 2006, Aleksey Sanin wrote:

> > We've fixed x509vfy.c patch. The problem was in two typos in recursion
> > calls. New version is attached.
> >
> OK, the patch is checked in but I had to modify it slightly. In order to
> keep existing behavior, I added a new flag to the MS Crypto store data
> that enables/disables system trusted certs (default value is "enabled").
> The new function xmlSecMSCryptoX509StoreEnableSystemTrustedCerts()
> should be called to change this behavior and get the functionality
> provided in the Dmitry's patch.

So what is the behaviour you have checked in? Whether xmlsec checks the
signer cert with both system storage and manually passed certs by
deafult or by default the library checks using trusted certs only?

Thank you!

SY, Dmitry Belyavsky (ICQ UIN 11116575)

More information about the xmlsec mailing list