Dr. Stephen Henson d635f4bb36 Make OCSP response verification more flexible.
If a set of certificates is supplied to OCSP_basic_verify use those in
addition to any present in the OCSP response as untrusted CAs when
verifying a certificate chain.

PR#3668

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4ca5efc2874e094d6382b30416824eda6dde52fe)
2015-03-24 12:14:32 +00:00
..
2014-01-06 13:33:27 +00:00
2015-01-22 09:38:39 +00:00