Drop cached certificate signature validity flag

It seems risky in the context of cross-signed certificates when the same certificate might have multiple potential issuers. Also rarely used, since chains in OpenSSL typically only employ self-signed trust-anchors, whose self-signatures are not checked, while untrusted certificates are generally ephemeral. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
author: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-17 02:33:14 -0500
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-18 13:20:48 -0500
commit: 0e76014e584ba78ef1d6ecb4572391ef61c4fb51 (patch)
tree: 7f12b477dda49ed717ab35a38e81f39f019f6a02 /crypto/include
parent: 86334b6a61b35a3f3d487cc0eb74ac1aff79d185 (diff)
download: openssl-0e76014e584ba78ef1d6ecb4572391ef61c4fb51.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h
index 5997a21c61..c11d3b372e 100644
--- a/crypto/include/internal/x509_int.h
+++ b/crypto/include/internal/x509_int.h
@@ -192,7 +192,6 @@ struct x509_st {
     X509_CINF cert_info;
     X509_ALGOR sig_alg;
     ASN1_BIT_STRING signature;
-    int valid;
     int references;
     char *name;
     CRYPTO_EX_DATA ex_data;
author	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-17 02:33:14 -0500
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-18 13:20:48 -0500
commit	0e76014e584ba78ef1d6ecb4572391ef61c4fb51 (patch)
tree	7f12b477dda49ed717ab35a38e81f39f019f6a02 /crypto/include
parent	86334b6a61b35a3f3d487cc0eb74ac1aff79d185 (diff)
download	openssl-0e76014e584ba78ef1d6ecb4572391ef61c4fb51.tar.gz