Include TA in checks/callback with partial chains.

author Dr. Stephen Henson <steve@openssl.org>

Fri, 14 Feb 2014 15:07:01 +0000 (15:07 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 14 Feb 2014 15:12:53 +0000 (15:12 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 14 Feb 2014 15:07:01 +0000 (15:07 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 14 Feb 2014 15:12:53 +0000 (15:12 +0000)
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c

index 07cd09f69d30f605a1abbf4e62430984c53baab6..5f91b016661ba508d3554e042c6a6d485423a842 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1735,7 +1735,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
                 xs=xi;
         else
                 {
-               if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN && n == 0)
+               if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN)
                         {
                         xs = xi;
                         goto check_cert;
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 14 Feb 2014 15:07:01 +0000 (15:07 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 14 Feb 2014 15:12:53 +0000 (15:12 +0000)