Context : we have a unit test that is using libCurl built with OpenSSL. We recently changed the SSL backend to WinSSL (SChannel), and one of our unit tests broke. The following is what the unit test is essentially doing, and what is wrong.
I expected that the order of the certificates would be the same when changing the backend. I suggest using the OpenSSL order, i.e. the peer certificate first as it is detailed in an RFC and this order has been in the code base for longer than SChannel.
File : lib/vtls/schannel.c
the method add_cert_to_certinfo should be modified. We could add to Adder_args the total number of certificates, and inside add_cert_to_certinfo instead of passing (args->idx)++, then pass total_certs -1 - (args->idx)++. Ok I admit this last one is hard to read, but the idea is "total - currentIndex".
[curl -V output]
Windows 10, version 1903.
The text was updated successfully, but these errors were encountered: