diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2008-08-13 16:00:11 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2008-08-13 16:00:11 +0000 |
| commit | 9d84d4ed5e13713c060c5fd538e2c15242aa9b9f (patch) | |
| tree | 199a89086b9e4e6417161967781712bc55defcc9 /crypto/x509/x509_vfy.h | |
| parent | 2e0c7db95002686b8b2eb8da6ba40fab1e7b93b1 (diff) | |
| download | openssl-9d84d4ed5e13713c060c5fd538e2c15242aa9b9f.tar.gz | |
Initial support for CRL path validation. This supports distinct certificate
and CRL signing keys.
Diffstat (limited to 'crypto/x509/x509_vfy.h')
| -rw-r--r-- | crypto/x509/x509_vfy.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h index faf641f037..a5006c2d8b 100644 --- a/crypto/x509/x509_vfy.h +++ b/crypto/x509/x509_vfy.h @@ -269,6 +269,8 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ X509 *current_issuer; /* cert currently being tested as valid issuer */ X509_CRL *current_crl; /* current CRL */ + X509_STORE_CTX *parent; /* For CRL path validation: parent context */ + CRYPTO_EX_DATA ex_data; } /* X509_STORE_CTX */; @@ -377,6 +379,8 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); #define X509_V_FLAG_INHIBIT_MAP 0x400 /* Notify callback that policy is OK */ #define X509_V_FLAG_NOTIFY_POLICY 0x800 +/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ +#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 #define X509_VP_FLAG_DEFAULT 0x1 #define X509_VP_FLAG_OVERWRITE 0x2 |