diff options
| author | beck <> | 2020-09-14 08:10:04 +0000 |
|---|---|---|
| committer | beck <> | 2020-09-14 08:10:04 +0000 |
| commit | b2df50a3d7682fa5e94277c6dc12050205ba854c (patch) | |
| tree | cb50870e21fec5177d4d8312ec4a67f47d40c3c7 | |
| parent | 768b16b50556fec6a7dc1b87ea26cd72846a4e44 (diff) | |
| download | openbsd-b2df50a3d7682fa5e94277c6dc12050205ba854c.tar.gz openbsd-b2df50a3d7682fa5e94277c6dc12050205ba854c.tar.bz2 openbsd-b2df50a3d7682fa5e94277c6dc12050205ba854c.zip | |
re-enable new x509 chain verifier as the default
ok tb@
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vpm.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c index e637528705..448ee20984 100644 --- a/src/lib/libcrypto/x509/x509_vpm.c +++ b/src/lib/libcrypto/x509/x509_vpm.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_vpm.c,v 1.21 2020/09/14 07:32:05 beck Exp $ */ | 1 | /* $OpenBSD: x509_vpm.c,v 1.22 2020/09/14 08:10:04 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2004. | 3 | * project 2004. |
| 4 | */ | 4 | */ |
| @@ -178,8 +178,6 @@ x509_verify_param_zero(X509_VERIFY_PARAM *param) | |||
| 178 | /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ | 178 | /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ |
| 179 | param->inh_flags = 0; | 179 | param->inh_flags = 0; |
| 180 | param->flags = 0; | 180 | param->flags = 0; |
| 181 | /* XXX remove to enable new verifier by default */ | ||
| 182 | param->flags |= X509_V_FLAG_LEGACY_VERIFY; | ||
| 183 | param->depth = -1; | 181 | param->depth = -1; |
| 184 | if (param->policies) { | 182 | if (param->policies) { |
| 185 | sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); | 183 | sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); |