diff options
| author | beck <> | 2020-09-14 07:09:06 +0000 |
|---|---|---|
| committer | beck <> | 2020-09-14 07:09:06 +0000 |
| commit | a7684823670af05c7471e127a4e1e61ebf0ded64 (patch) | |
| tree | 916aa32eeedeb92eb444c5bd8bb33b908becc14f | |
| parent | de3c5baf1f0309bd56938c276ecea61df1e4b2b5 (diff) | |
| download | openbsd-a7684823670af05c7471e127a4e1e61ebf0ded64.tar.gz openbsd-a7684823670af05c7471e127a4e1e61ebf0ded64.tar.bz2 openbsd-a7684823670af05c7471e127a4e1e61ebf0ded64.zip | |
Enable the use of the new x509 chain validator by default.
ok jsing@ tb@
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vpm.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c index ca533e26d1..2c02b7bb74 100644 --- a/src/lib/libcrypto/x509/x509_vpm.c +++ b/src/lib/libcrypto/x509/x509_vpm.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_vpm.c,v 1.19 2020/09/13 15:06:17 beck Exp $ */ | 1 | /* $OpenBSD: x509_vpm.c,v 1.20 2020/09/14 07:09:06 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2004. | 3 | * project 2004. |
| 4 | */ | 4 | */ |
| @@ -178,8 +178,6 @@ x509_verify_param_zero(X509_VERIFY_PARAM *param) | |||
| 178 | /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ | 178 | /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ |
| 179 | param->inh_flags = 0; | 179 | param->inh_flags = 0; |
| 180 | param->flags = 0; | 180 | param->flags = 0; |
| 181 | /* XXX remove to enable new verifier by default */ | ||
| 182 | param->flags |= X509_V_FLAG_LEGACY_VERIFY; | ||
| 183 | param->depth = -1; | 181 | param->depth = -1; |
| 184 | if (param->policies) { | 182 | if (param->policies) { |
| 185 | sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); | 183 | sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); |