Loading crypto/x509/x509_vfy.c +7 −0 Original line number Diff line number Diff line Loading @@ -488,6 +488,13 @@ static int internal_verify(X509_STORE_CTX *ctx) if (!ok) goto end; } if (X509_verify(xs,pkey) <= 0) /* XXX For the final trusted self-signed cert, * this is a waste of time. That check should * optional so that e.g. 'openssl x509' can be * used to detect invalid self-signatures, but * we don't verify again and again in SSL * handshakes and the like once the cert has * been declared trusted. */ { ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->current_cert=xs; Loading crypto/x509/x509_trs.c +4 −4 File changed.Contains only whitespace changes. Show changes Loading
crypto/x509/x509_vfy.c +7 −0 Original line number Diff line number Diff line Loading @@ -488,6 +488,13 @@ static int internal_verify(X509_STORE_CTX *ctx) if (!ok) goto end; } if (X509_verify(xs,pkey) <= 0) /* XXX For the final trusted self-signed cert, * this is a waste of time. That check should * optional so that e.g. 'openssl x509' can be * used to detect invalid self-signatures, but * we don't verify again and again in SSL * handshakes and the like once the cert has * been declared trusted. */ { ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->current_cert=xs; Loading
