generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Deprecate the -issuer_checks debugging option

Browse Source 
This was a developer debugging feature and was never a useful public
interface.

Added all missing X509 error codes to the verify(1) manpage, but
many still need a description beyond the associated text string.

Sorted the errors in x509_txt.c by error number.

Reviewed-by: Stephen Henson <steve@openssl.org>
This commit is contained in:
Viktor Dukhovni
2016-02-09 14:17:13 -05:00
parent 056be06b4d
commit d33def6624
12 changed files with 198 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/opt.c
View File

@@ -557,7 +557,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_IGNORE_CRITICAL);
break;
case OPT_V_ISSUER_CHECKS:
X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CB_ISSUER_CHECK);
/* NOP, deprecated */
break;
case OPT_V_CRL_CHECK:
X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CRL_CHECK);