equal
deleted
inserted
replaced
59 + } |
59 + } |
60 + |
60 + |
61 + |
61 + |
62 int X509_verify_cert(X509_STORE_CTX *ctx) |
62 int X509_verify_cert(X509_STORE_CTX *ctx) |
63 { |
63 { |
64 X509 *x, *xtmp, *chain_ss = NULL; |
64 X509 *x, *xtmp, *xtmp2, *chain_ss = NULL; |
65 @@ -304,8 +331,17 @@ int X509_verify_cert(X509_STORE_CTX *ctx) |
65 @@ -304,8 +331,17 @@ int X509_verify_cert(X509_STORE_CTX *ctx) |
66 |
66 } |
67 /* we now have our chain, lets check it... */ |
67 } while (retry); |
68 |
68 |
69 - /* Is last certificate looked up self signed? */ |
69 - /* Is last certificate looked up self signed? */ |
70 - if (!ctx->check_issued(ctx, x, x)) { |
70 - if (!ctx->check_issued(ctx, x, x)) { |
71 + i = check_trust(ctx); |
71 + i = check_trust(ctx); |
72 + |
72 + |
182 Index: openssl/crypto/x509/x509_vfy.h |
182 Index: openssl/crypto/x509/x509_vfy.h |
183 ============================================================================ |
183 ============================================================================ |
184 $ cvs diff -u -r1.67.2.3.4.1 -r1.67.2.3.4.2 x509_vfy.h |
184 $ cvs diff -u -r1.67.2.3.4.1 -r1.67.2.3.4.2 x509_vfy.h |
185 --- openssl/crypto/x509/x509_vfy.h 26 Sep 2012 13:50:42 -0000 1.67.2.3.4.1 |
185 --- openssl/crypto/x509/x509_vfy.h 26 Sep 2012 13:50:42 -0000 1.67.2.3.4.1 |
186 +++ openssl/crypto/x509/x509_vfy.h 14 Dec 2012 14:30:46 -0000 1.67.2.3.4.2 |
186 +++ openssl/crypto/x509/x509_vfy.h 14 Dec 2012 14:30:46 -0000 1.67.2.3.4.2 |
187 @@ -406,6 +406,9 @@ |
187 @@ -412,6 +412,9 @@ |
188 /* Check selfsigned CA signature */ |
188 */ |
189 # define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 |
189 # define X509_V_FLAG_NO_ALT_CHAINS 0x100000 |
190 |
190 |
191 +/* Allow partial chains if at least one certificate is in trusted store */ |
191 +/* Allow partial chains if at least one certificate is in trusted store */ |
192 +# define X509_V_FLAG_PARTIAL_CHAIN 0x80000 |
192 +# define X509_V_FLAG_PARTIAL_CHAIN 0x80000 |
193 + |
193 + |
194 # define X509_VP_FLAG_DEFAULT 0x1 |
194 # define X509_VP_FLAG_DEFAULT 0x1 |