diff options
Diffstat (limited to 'openssl/crypto/x509/x509_vfy.h')
| -rw-r--r-- | openssl/crypto/x509/x509_vfy.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/openssl/crypto/x509/x509_vfy.h b/openssl/crypto/x509/x509_vfy.h index a6f0df54c..bd8613c62 100644 --- a/openssl/crypto/x509/x509_vfy.h +++ b/openssl/crypto/x509/x509_vfy.h @@ -432,6 +432,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); /* Allow partial chains if at least one certificate is in trusted store */ # define X509_V_FLAG_PARTIAL_CHAIN 0x80000 +/* + * If the initial chain is not trusted, do not attempt to build an alternative + * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag + * will force the behaviour to match that of previous versions. + */ +# define X509_V_FLAG_NO_ALT_CHAINS 0x100000 # define X509_VP_FLAG_DEFAULT 0x1 # define X509_VP_FLAG_OVERWRITE 0x2 |