New verify flag to return success if we have any certificate in the trusted

store instead of the default which is to return an error if we can't build the complete chain. [backport from HEAD]
2012-12-14 14:30:46 +00:00
parent 4e72220fd6
commit 9a1f59cd31
3 changed files with 13 additions and 0 deletions
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -2363,6 +2363,8 @@ int args_verify(char ***pargs, int *pargc,
 		flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
 	else if (!strcmp(arg, "-trusted_first"))
 		flags |= X509_V_FLAG_TRUSTED_FIRST;
+	else if (!strcmp(arg, "-partial_chain"))
+		flags |= X509_V_FLAG_PARTIAL_CHAIN;
 	else
 		return 0;