diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2000-03-07 14:04:29 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2000-03-07 14:04:29 +0000 |
| commit | 068fdce877a956e86c2281dd3e0643faca362c5e (patch) | |
| tree | cd3988eb02a6d2ff36a44b489b97e9814f283dc6 /crypto/x509v3 | |
| parent | fa0ca35b957d7cbcc5421d98e2cb8385f5b9a1c3 (diff) | |
New compatability trust and purpose settings.
Diffstat (limited to 'crypto/x509v3')
| -rw-r--r-- | crypto/x509v3/v3_purp.c | 9 | ||||
| -rw-r--r-- | crypto/x509v3/x509v3.h | 3 |
2 files changed, 10 insertions, 2 deletions
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index b7494ebcd5..5594a1d64f 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -71,6 +71,7 @@ static int purpose_smime(X509 *x, int ca); static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); +static int no_check(X509_PURPOSE *xp, X509 *x, int ca); static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); static void xptable_free(X509_PURPOSE *p); @@ -81,7 +82,8 @@ static X509_PURPOSE xstandard[] = { {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, - {X509_PURPOSE_CRL_SIGN, X509_TRUST_ANY, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, + {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, + {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, }; #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) @@ -454,3 +456,8 @@ static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) if(ku_reject(x, KU_CRL_SIGN)) return 0; return 1; } + +static int no_check(X509_PURPOSE *xp, X509 *x, int ca) +{ + return 1; +} diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index fe01755797..ce715dfa73 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -344,9 +344,10 @@ typedef struct x509_purpose_st { #define X509_PURPOSE_SMIME_SIGN 4 #define X509_PURPOSE_SMIME_ENCRYPT 5 #define X509_PURPOSE_CRL_SIGN 6 +#define X509_PURPOSE_ANY 7 #define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 6 +#define X509_PURPOSE_MAX 7 DECLARE_STACK_OF(X509_PURPOSE) |