diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-17 02:33:14 -0500 |
---|---|---|
committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-18 13:20:48 -0500 |
commit | 0e76014e584ba78ef1d6ecb4572391ef61c4fb51 (patch) | |
tree | 7f12b477dda49ed717ab35a38e81f39f019f6a02 /crypto/include | |
parent | 86334b6a61b35a3f3d487cc0eb74ac1aff79d185 (diff) | |
download | openssl-0e76014e584ba78ef1d6ecb4572391ef61c4fb51.tar.gz |
Drop cached certificate signature validity flag
It seems risky in the context of cross-signed certificates when the
same certificate might have multiple potential issuers. Also rarely
used, since chains in OpenSSL typically only employ self-signed
trust-anchors, whose self-signatures are not checked, while untrusted
certificates are generally ephemeral.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'crypto/include')
-rw-r--r-- | crypto/include/internal/x509_int.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 5997a21c61..c11d3b372e 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -192,7 +192,6 @@ struct x509_st { X509_CINF cert_info; X509_ALGOR sig_alg; ASN1_BIT_STRING signature; - int valid; int references; char *name; CRYPTO_EX_DATA ex_data; |