summaryrefslogtreecommitdiffstats
path: root/crypto/x509v3/v3_utl.c
diff options
context:
space:
mode:
authorViktor Dukhovni <openssl-users@dukhovni.org>2016-03-08 15:20:02 -0500
committerViktor Dukhovni <openssl-users@dukhovni.org>2016-03-09 20:41:28 -0500
commitdd60efea955e41a6f0926f93ec1503c6f83c4e58 (patch)
tree1068aa7ab94a6acca182698c0bfdca10ecf84286 /crypto/x509v3/v3_utl.c
parent29f082603a14bd8d6816a71a17f7c76adca7817d (diff)
Add X509_CHECK_FLAG_NEVER_CHECK_SUBJECT flag
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'crypto/x509v3/v3_utl.c')
-rw-r--r--crypto/x509v3/v3_utl.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 66b5711aff..a220b27ab9 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -978,14 +978,12 @@ static int do_x509_check(X509 *x, const char *chk, size_t chklen,
GENERAL_NAMES_free(gens);
if (rv != 0)
return rv;
- if (cnid == NID_undef
- || (san_present
- && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
+ if (san_present && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT))
return 0;
}
/* We're done if CN-ID is not pertinent */
- if (cnid == NID_undef)
+ if (cnid == NID_undef || (flags & X509_CHECK_FLAG_NEVER_CHECK_SUBJECT))
return 0;
i = -1;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 03:19:44 +0000