diff options
Diffstat (limited to 'openssl/trunk/crypto')
| -rw-r--r-- | openssl/trunk/crypto/x509/x509_vfy.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/openssl/trunk/crypto/x509/x509_vfy.c b/openssl/trunk/crypto/x509/x509_vfy.c index 79dae3d3..47b15455 100644 --- a/openssl/trunk/crypto/x509/x509_vfy.c +++ b/openssl/trunk/crypto/x509/x509_vfy.c @@ -289,6 +289,15 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (!ok) goto end; + /* Check RFC 3779 path validation */ + ok = v3_asid_validate_path(ctx); + + if (!ok) goto end; + + ok = v3_addr_validate_path(ctx); + + if (!ok) goto end; + /* The chain extensions are OK: check trust */ if (param->trust > 0) ok = check_trust(ctx); |