提交 dbba890c 编写于 作者: D Dr. Stephen Henson

Only use the new informational verify codes if we
specifically ask for them.

Fix typo in docs.
上级 3f8b90c3
......@@ -4,6 +4,14 @@
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
*) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
not set then we don't setup the error code for issuer check errors
to avoid possibly overwriting other errors which the callback does
handle. If an application does set the flag then we assume it knows
what it is doing and can handle the new informational codes
appropriately.
[Steve Henson]
*) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
a general "ANY" type, as such it should be able to decode anything
including tagged types. However it didn't check the class so it would
......
......@@ -15,6 +15,7 @@
o MD4 now included.
o Bugfix for SSL rollback padding check.
o Support for external crypto device[1].
o Enhanced EVP interafce.
[1] The support for external crypto devices is currently a separate
distribution. See the file README.ENGINE.
......
......@@ -339,16 +339,15 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
ret = X509_check_issued(issuer, x);
if (ret == X509_V_OK)
return 1;
else
{
ctx->error = ret;
ctx->current_cert = x;
ctx->current_issuer = issuer;
if ((ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) && ctx->verify_cb)
return ctx->verify_cb(0, ctx);
else
return 0;
}
/* If we haven't asked for issuer errors don't set ctx */
if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
return 0;
ctx->error = ret;
ctx->current_cert = x;
ctx->current_issuer = issuer;
if (ctx->verify_cb)
return ctx->verify_cb(0, ctx);
return 0;
}
......
......@@ -325,7 +325,7 @@ Send encrypted mail using triple DES:
Sign and encrypt mail:
openssl smime -sign -in ml.txt -signer my.pem -text \
| openssl -encrypt -out mail.msg \
| openssl smime -encrypt -out mail.msg \
-from steve@openssl.org -to someone@somewhere \
-subject "Signed and Encrypted message" -des3 user.pem
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册