diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2020-09-14 07:09:07 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2020-09-14 07:09:07 +0000 |
| commit | 500a4441d4f1cd3d3aabdb565be76bc88cbd995f (patch) | |
| tree | ce010782fadfed6bf282b930d51b9f0a9e89a977 | |
| parent | 51662ba89b189aff835429fd87e856f27b9843f2 (diff) | |
Enable the use of the new x509 chain validator by default.
ok jsing@ tb@
| -rw-r--r-- | lib/libcrypto/x509/x509_vpm.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/lib/libcrypto/x509/x509_vpm.c b/lib/libcrypto/x509/x509_vpm.c index ca533e26d1e..2c02b7bb74c 100644 --- a/lib/libcrypto/x509/x509_vpm.c +++ b/lib/libcrypto/x509/x509_vpm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vpm.c,v 1.19 2020/09/13 15:06:17 beck Exp $ */ +/* $OpenBSD: x509_vpm.c,v 1.20 2020/09/14 07:09:06 beck Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -178,8 +178,6 @@ x509_verify_param_zero(X509_VERIFY_PARAM *param) /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ param->inh_flags = 0; param->flags = 0; - /* XXX remove to enable new verifier by default */ - param->flags |= X509_V_FLAG_LEGACY_VERIFY; param->depth = -1; if (param->policies) { sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); |