add -trusted_first option and verify flag
[openssl.git] / apps / apps.c
index 4688224..3edb76c 100644 (file)
@@ -2333,6 +2333,8 @@ int args_verify(char ***pargs, int *pargc,
                flags |= X509_V_FLAG_NOTIFY_POLICY;
        else if (!strcmp(arg, "-check_ss_sig"))
                flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+       else if (!strcmp(arg, "-trusted_first"))
+               flags |= X509_V_FLAG_TRUSTED_FIRST;
        else
                return 0;