diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-28 03:01:45 -0500 |
---|---|---|
committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-31 21:23:23 -0500 |
commit | 0daccd4dc1f1ac62181738a91714f35472e50f3c (patch) | |
tree | 5b7c2b6c5db0c2caf223ea978db03559b5eb90f8 /include | |
parent | 1b4cf96f9b82ec3b06e7902bb21620a09cadd94e (diff) | |
download | openssl-0daccd4dc1f1ac62181738a91714f35472e50f3c.zip openssl-0daccd4dc1f1ac62181738a91714f35472e50f3c.tar.gz openssl-0daccd4dc1f1ac62181738a91714f35472e50f3c.tar.bz2 |
Check chain extensions also for trusted certificates
This includes basic constraints, key usages, issuer EKUs and auxiliary
trust OIDs (given a trust suitably related to the intended purpose).
Added tests and updated documentation.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/x509.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 31f784d..3a1c5e2 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -183,7 +183,7 @@ DEFINE_STACK_OF(X509_TRUST) /* standard trust ids */ -# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */ +# define X509_TRUST_DEFAULT 0 /* Only valid in purpose settings */ # define X509_TRUST_COMPAT 1 # define X509_TRUST_SSL_CLIENT 2 |