diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2009-06-29 16:09:37 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2009-06-29 16:09:37 +0000 |
| commit | 9a5faeaa428b164b2327314efe9c26a141a129fa (patch) | |
| tree | 55ccf906c360b75318d7e3a4309ddf5082c1a46c /apps/apps.c | |
| parent | d2f6d28298725bcf23effb8048e6676f32b5d6ba (diff) | |
| download | openssl-9a5faeaa428b164b2327314efe9c26a141a129fa.tar.gz | |
Allow setting of verify depth in verify parameters (as opposed to the depth
implemented using the verify callback).
Diffstat (limited to 'apps/apps.c')
| -rw-r--r-- | apps/apps.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/apps/apps.c b/apps/apps.c index 08ce00822e..88a479dfa4 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2192,7 +2192,7 @@ int args_verify(char ***pargs, int *pargc, ASN1_OBJECT *otmp = NULL; unsigned long flags = 0; int i; - int purpose = 0; + int purpose = 0, depth = -1; char **oldargs = *pargs; char *arg = **pargs, *argn = (*pargs)[1]; if (!strcmp(arg, "-policy")) @@ -2232,6 +2232,21 @@ int args_verify(char ***pargs, int *pargc, } (*pargs)++; } + else if (strcmp(arg,"-verify_depth") == 0) + { + if (!argn) + *badarg = 1; + else + { + depth = atoi(argn); + if(depth < 0) + { + BIO_printf(err, "invalid depth\n"); + *badarg = 1; + } + } + (*pargs)++; + } else if (!strcmp(arg, "-ignore_critical")) flags |= X509_V_FLAG_IGNORE_CRITICAL; else if (!strcmp(arg, "-issuer_checks")) @@ -2283,6 +2298,9 @@ int args_verify(char ***pargs, int *pargc, if (purpose) X509_VERIFY_PARAM_set_purpose(*pm, purpose); + if (depth >= 0) + X509_VERIFY_PARAM_set_depth(*pm, depth); + end: (*pargs)++; |