projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Code cleanup mostly in crypto/x509/v3_purp.c
[openssl.git] / crypto / x509 / x509_trs.c
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index dd83dbc52f40b44ad9f06b2f01abde2140fb0409..88f2f057d55f4c950dd92c4ff1ccf371945a4825 100644 (file)
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -220,7 +220,7 @@ static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
      * Declare the chain verified if the desired trust OID is not rejected in
      * any auxiliary trust info for this certificate, and the OID is either
      * expressly trusted, or else either "anyEKU" is trusted, or the
-     * certificate is self-signed.
+     * certificate is self-signed and X509_TRUST_NO_SS_COMPAT is not set.
      */
     flags |= X509_TRUST_DO_SS_COMPAT | X509_TRUST_OK_ANY_EKU;
     return obj_trust(trust->arg1, x, flags);
Unnamed repository; edit this file 'description' to name the repository.