mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-22 08:23:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

Comment and indentation

Browse Source
This commit is contained in:
Bodo Möller 2001-01-28 14:38:11 +00:00
parent b847024026
commit 78f3a2aad7
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
crypto/x509/x509_trs.c
View File

@ -99,10 +99,10 @@ static int tr_cmp(const X509_TRUST * const *a,
int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
{
int (*oldtrust)(int , X509 *, int);
oldtrust = default_trust;
default_trust = trust;
return oldtrust;
int (*oldtrust)(int , X509 *, int);
oldtrust = default_trust;
default_trust = trust;
return oldtrust;
}

7
crypto/x509/x509_vfy.c
View File

@ -488,6 +488,13 @@ static int internal_verify(X509_STORE_CTX *ctx)
if (!ok) goto end;
}
if (X509_verify(xs,pkey) <= 0)
/* XXX For the final trusted self-signed cert,
* this is a waste of time. That check should
* optional so that e.g. 'openssl x509' can be
* used to detect invalid self-signatures, but
* we don't verify again and again in SSL
* handshakes and the like once the cert has
* been declared trusted. */
{
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert=xs;