diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-12-06 18:43:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-01-18 15:38:13 +0000 |
commit | 57912ed329f870b237f2fd9f2de8dec3477d1729 (patch) | |
tree | 9f38f8edce44b775fc043c25d5fe9d96a5c53cb3 /apps/verify.c | |
parent | e998f8aeb83885275aefbba59c811e48308b2771 (diff) |
Add code to download CRLs based on CRLDP extension.
Just a sample, real world applications would have to be cleverer.
Diffstat (limited to 'apps/verify.c')
-rw-r--r-- | apps/verify.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/apps/verify.c b/apps/verify.c index 893670ff41..18fba46545 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -88,6 +88,7 @@ int MAIN(int argc, char **argv) X509_STORE *cert_ctx=NULL; X509_LOOKUP *lookup=NULL; X509_VERIFY_PARAM *vpm = NULL; + int crl_download = 0; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif @@ -145,6 +146,8 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto end; crlfile= *(++argv); } + else if (strcmp(*argv,"-crl_download") == 0) + crl_download = 1; #ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { @@ -223,6 +226,9 @@ int MAIN(int argc, char **argv) } ret = 0; + + if (crl_download) + store_setup_crl_download(cert_ctx); if (argc < 1) { if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e)) |