projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fcc3a52) | patch
Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
authorRich Salz <rsalz@akamai.com>
Mon, 17 Aug 2020 19:31:42 +0000 (15:31 -0400)
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>
Thu, 27 Aug 2020 18:03:39 +0000 (20:03 +0200)
commit0495a3ec4ab463d5c08f4a4e85d0e3925e4602e7
tree1c3d88d88b9a4d71e98f70d1e01b5f3738086edbtree | snapshot
parentfcc3a5204c6daa0f0bbc1679ce1ce82fb767190dcommit | diff
Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()

This adds a flag, OCSP_PARTIAL_CHAIN, to the OCSP_basic_verify()
function.  This is equivlent to X509_V_FLAG_PARTIAL_CHAIN, in that
if any certificate in the OCSP response is in the trust store, then
trust it.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12666)
crypto/ocsp/ocsp_vfy.c diff | blob | history
doc/man3/OCSP_resp_find_status.pod diff | blob | history
doc/man3/X509_VERIFY_PARAM_set_flags.pod diff | blob | history
include/openssl/ocsp.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.