projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixes to host checking.
[openssl.git] / crypto / x509v3 / x509v3.h
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 272374e5a2a8626e0e0877262d0a70a0df9cad23..406300f29656c7322b5381442700b3ad29d39c31 100644 (file)
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -704,8 +704,12 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
 
 /* Always check subject name for host match even if subject alt names present */
 #define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT   0x1
-/* Disable wild-card matching for dnsName fields and common name. */
+/* Disable wildcard matching for dnsName fields and common name. */
 #define X509_CHECK_FLAG_NO_WILDCARDS   0x2
+/* Wildcards must not match a partial label. */
+#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
+/* Allow (non-partial) wildcards to match multiple labels. */
+#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
 
 int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen,
                                        unsigned int flags);
Unnamed repository; edit this file 'description' to name the repository.