specifically ask for them.
Fix typo in docs.
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
+ *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
+ not set then we don't setup the error code for issuer check errors
+ to avoid possibly overwriting other errors which the callback does
+ handle. If an application does set the flag then we assume it knows
+ what it is doing and can handle the new informational codes
+ appropriately.
+ [Steve Henson]
+
*) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
a general "ANY" type, as such it should be able to decode anything
including tagged types. However it didn't check the class so it would
o MD4 now included.
o Bugfix for SSL rollback padding check.
o Support for external crypto device[1].
+ o Enhanced EVP interafce.
[1] The support for external crypto devices is currently a separate
distribution. See the file README.ENGINE.
ret = X509_check_issued(issuer, x);
if (ret == X509_V_OK)
return 1;
- else
- {
- ctx->error = ret;
- ctx->current_cert = x;
- ctx->current_issuer = issuer;
- if ((ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) && ctx->verify_cb)
- return ctx->verify_cb(0, ctx);
- else
- return 0;
- }
+ /* If we haven't asked for issuer errors don't set ctx */
+ if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
+ return 0;
+
+ ctx->error = ret;
+ ctx->current_cert = x;
+ ctx->current_issuer = issuer;
+ if (ctx->verify_cb)
+ return ctx->verify_cb(0, ctx);
return 0;
}
Sign and encrypt mail:
openssl smime -sign -in ml.txt -signer my.pem -text \
- | openssl -encrypt -out mail.msg \
+ | openssl smime -encrypt -out mail.msg \
-from steve@openssl.org -to someone@somewhere \
-subject "Signed and Encrypted message" -des3 user.pem
projects / oweals / openssl.git / commitdiff