diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-12-06 18:43:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-12-06 18:43:40 +0000 |
commit | 0090a686c0620e5f7d72aef2e74f4a0e01c53e3e (patch) | |
tree | 9005122bc807212e4ab9ca0956aebc4a74cf3a7a /apps/verify.c | |
parent | f5a7d5b164aba946ae144fb73fa2e226c26c700d (diff) |
Add code to download CRLs based on CRLDP extension.
Just a sample, real world applications would have to be cleverer.
Diffstat (limited to 'apps/verify.c')
-rw-r--r-- | apps/verify.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/apps/verify.c b/apps/verify.c index 8f897cf485..bcca114efe 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -88,6 +88,7 @@ int MAIN(int argc, char **argv) X509_STORE *cert_ctx=NULL; X509_LOOKUP *lookup=NULL; X509_VERIFY_PARAM *vpm = NULL; + int crl_download = 0; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif @@ -145,6 +146,8 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto end; crlfile= *(++argv); } + else if (strcmp(*argv,"-crl_download") == 0) + crl_download = 1; #ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { @@ -222,6 +225,9 @@ int MAIN(int argc, char **argv) goto end; } + if (crl_download) + store_setup_crl_download(cert_ctx); + if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e); else for (i=0; i<argc; i++) |