Update to openssl-1.0.2crelease/external-1.17.0.0-x

author: marha <marha@users.sourceforge.net> 2015-06-15 20:18:50 +0200
committer: Mike DePaulo <mikedep333@gmail.com> 2015-06-22 01:16:46 -0400
commit: 36da4a2e0e43928a29ac2ee5c55bf681e90e2f42 (patch)
tree: 92633e1022d705c72d0f97315891e719648dd17e /openssl/crypto/x509/x509_vfy.h
parent: bec4be4c48239613ed1c704ae71bf08754eef711 (diff)
download: vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.tar.gz
vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.tar.bz2
vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/openssl/crypto/x509/x509_vfy.h b/openssl/crypto/x509/x509_vfy.h
index a6f0df54c..bd8613c62 100644
--- a/openssl/crypto/x509/x509_vfy.h
+++ b/openssl/crypto/x509/x509_vfy.h
@@ -432,6 +432,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 
 /* Allow partial chains if at least one certificate is in trusted store */
 # define X509_V_FLAG_PARTIAL_CHAIN               0x80000
+/*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
+ * will force the behaviour to match that of previous versions.
+ */
+# define X509_V_FLAG_NO_ALT_CHAINS               0x100000
 
 # define X509_VP_FLAG_DEFAULT                    0x1
 # define X509_VP_FLAG_OVERWRITE                  0x2
author	marha <marha@users.sourceforge.net>	2015-06-15 20:18:50 +0200
committer	Mike DePaulo <mikedep333@gmail.com>	2015-06-22 01:16:46 -0400
commit	36da4a2e0e43928a29ac2ee5c55bf681e90e2f42 (patch)
tree	92633e1022d705c72d0f97315891e719648dd17e /openssl/crypto/x509/x509_vfy.h
parent	bec4be4c48239613ed1c704ae71bf08754eef711 (diff)
download	vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.tar.gz vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.tar.bz2 vcxsrv-36da4a2e0e43928a29ac2ee5c55bf681e90e2f42.zip