diff options
author | Richard Levitte <levitte@openssl.org> | 2016-06-19 10:55:16 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2016-06-30 01:00:19 +0200 |
commit | 26576cf9cea7841c9abb54e0609cdf09d3f4c663 (patch) | |
tree | c75ced97ee77e3af5e445d57b94040b667444915 /crypto/x509/x509.h | |
parent | 05200ee5c61ecd38cdcacf9c547b0c3877e8cfef (diff) |
Check that the subject name in a proxy cert complies to RFC 3820
The subject name MUST be the same as the issuer name, with a single CN
entry added.
RT#1852
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 338fb1688fbfb7efe0bdd475b01791a6de5ef94b)
Diffstat (limited to 'crypto/x509/x509.h')
-rw-r--r-- | crypto/x509/x509.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index bd600de431..dc326a7256 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -1216,6 +1216,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); * The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ + void ERR_load_X509_strings(void); /* Error codes for the X509 functions. */ @@ -1223,6 +1224,7 @@ void ERR_load_X509_strings(void); /* Function codes. */ # define X509_F_ADD_CERT_DIR 100 # define X509_F_BY_FILE_CTRL 101 +# define X509_F_CHECK_NAME_CONSTRAINTS 106 # define X509_F_CHECK_POLICY 145 # define X509_F_DIR_CTRL 102 # define X509_F_GET_CERT_BY_SUBJECT 103 @@ -1296,7 +1298,7 @@ void ERR_load_X509_strings(void); # define X509_R_WRONG_LOOKUP_TYPE 112 # define X509_R_WRONG_TYPE 122 -#ifdef __cplusplus +# ifdef __cplusplus } -#endif +# endif #endif |