diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2006-09-21 12:42:15 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2006-09-21 12:42:15 +0000 |
commit | 010fa0b33169cfc9179bda29c34c05af80f78e27 (patch) | |
tree | caa4ce10ab61977cce2363a0fcdb32514caba7db /CHANGES | |
parent | 4ca7d975af7581473a587a59b9f8e39a69247dc0 (diff) |
Tidy up CRL handling by checking for critical extensions when it is
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.
Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -4,6 +4,12 @@ Changes between 0.9.8d and 0.9.9 [xx XXX xxxx] + *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected + to external functions. This can be used to increase CRL handling + efficiency especially when CRLs are very large by (for example) storing + the CRL revoked certificates in a database. + [Steve Henson] + *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so new CRLs added to a directory can be used. New command line option -verify_return_error to s_client and s_server. This causes real errors |