diff options
Diffstat (limited to 'openssl/crypto/x509/x509_vfy.h')
| -rw-r--r-- | openssl/crypto/x509/x509_vfy.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/openssl/crypto/x509/x509_vfy.h b/openssl/crypto/x509/x509_vfy.h index 1f8c0eccb..aacdf55aa 100644 --- a/openssl/crypto/x509/x509_vfy.h +++ b/openssl/crypto/x509/x509_vfy.h @@ -405,6 +405,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); # define X509_V_FLAG_USE_DELTAS 0x2000 /* Check selfsigned CA signature */ # define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 +/* + * If the initial chain is not trusted, do not attempt to build an alternative + * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting + * this flag will force the behaviour to match that of previous versions. + */ +# define X509_V_FLAG_NO_ALT_CHAINS 0x100000 # define X509_VP_FLAG_DEFAULT 0x1 # define X509_VP_FLAG_OVERWRITE 0x2 |