feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Implement support for verify flag X509_V_FLAG_PARTIAL_CHAIN

Browse Source
This commit is contained in:
Colton Willey
2024-10-17 22:07:52 -07:00
committed by Daniel Pouzzner
parent 12f4f69fb4
commit f7bfa71d9f
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/x509_str.c
View File

@ -403,6 +403,11 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
* a trusted CA in the CM */ * a trusted CA in the CM */
ret = wolfSSL_X509_verify_cert_ex(ctx); ret = wolfSSL_X509_verify_cert_ex(ctx);
if (ret != WOLFSSL_SUCCESS) { if (ret != WOLFSSL_SUCCESS) {
if ((ctx->store->param->flags & X509_V_FLAG_PARTIAL_CHAIN) &&
(added == 1)) {
wolfSSL_sk_X509_push(ctx->chain, ctx->current_cert);
ret = WOLFSSL_SUCCESS;
}
goto exit; goto exit;
} }

2
wolfssl/openssl/ssl.h
View File

@ -643,7 +643,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK #define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL #define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_PARTIAL_CHAIN 0 #define X509_V_FLAG_PARTIAL_CHAIN 0x80000
#define X509_V_FLAG_TRUSTED_FIRST 0 #define X509_V_FLAG_TRUSTED_FIRST 0
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME #define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME