summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorViktor Dukhovni <openssl-users@dukhovni.org>2015-12-29 14:12:36 -0500
committerViktor Dukhovni <openssl-users@dukhovni.org>2016-01-07 13:48:59 -0500
commit170b735820ac6a3857733fccf889cde9d723ddc8 (patch)
treea0d55c48d1117bd156bb9dbbba7629b221f3db91 /include
parenta8eba56ef62af2f9a5b46825c994665cd3789c2e (diff)
DANE support for X509_verify_cert()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'include')
-rw-r--r--include/openssl/x509.h2
-rw-r--r--include/openssl/x509_vfy.h2
2 files changed, 4 insertions, 0 deletions
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 0b00abfc2a..0f66329544 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -1073,6 +1073,7 @@ void ERR_load_X509_strings(void);
# define X509_F_BUILD_CHAIN 106
# define X509_F_BY_FILE_CTRL 101
# define X509_F_CHECK_POLICY 145
+# define X509_F_DANE_I2D 107
# define X509_F_DIR_CTRL 102
# define X509_F_GET_CERT_BY_SUBJECT 103
# define X509_F_NETSCAPE_SPKI_B64_DECODE 129
@@ -1119,6 +1120,7 @@ void ERR_load_X509_strings(void);
/* Reason codes. */
# define X509_R_AKID_MISMATCH 110
+# define X509_R_BAD_SELECTOR 133
# define X509_R_BAD_X509_FILETYPE 100
# define X509_R_BASE64_DECODE_ERROR 118
# define X509_R_CANT_CHECK_DH_KEY 114
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index c96ab6862b..7ea11ea392 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -264,6 +264,8 @@ struct x509_store_ctx_st { /* X509_STORE_CTX */
X509_STORE_CTX *parent;
CRYPTO_EX_DATA ex_data;
struct dane_st *dane;
+ /* signed via bare TA public key, rather than CA certificate */
+ int bare_ta_signed;
} /* X509_STORE_CTX */ ;
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 04:22:58 +0000