diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-06-26 11:34:22 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-06-26 11:34:22 +0000 |
commit | 9aecc3e5ff3889fbe6f469d61e6f5935d870d4af (patch) | |
tree | ccfe23227378b0d97f770a230c97550c60433973 /apps | |
parent | b8a4a5bcba1545b5b22fed0ab7fcd5dc37598052 (diff) |
Update from 1.0.0-stable.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/apps.c | 2 | ||||
-rw-r--r-- | apps/x509.c | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/apps/apps.c b/apps/apps.c index 498722a5a2..35b62b8b09 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2261,6 +2261,8 @@ int args_verify(char ***pargs, int *pargc, flags |= X509_V_FLAG_X509_STRICT; else if (!strcmp(arg, "-policy_print")) flags |= X509_V_FLAG_NOTIFY_POLICY; + else if (!strcmp(arg, "-check_ss_sig")) + flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; else return 0; diff --git a/apps/x509.c b/apps/x509.c index 6debce4419..b25508aa8e 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1151,6 +1151,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ X509_STORE_CTX_set_cert(&xsc,x); + X509_STORE_CTX_set_flags(&xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); if (!reqfile && X509_verify_cert(&xsc) <= 0) goto end; |