diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-03 16:02:19 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-03 16:02:19 +0000 |
commit | 12f135e099a570991ace460a83a291a136604c71 (patch) | |
tree | 85c5692f7f936b22fa9718a94dfe1eed4d5e90b8 /includes | |
parent | 4b8dd2d4c4098cfde70a70326ae5035eb53214b3 (diff) | |
download | gnutls-12f135e099a570991ace460a83a291a136604c71.tar.gz |
Added a flag to allow signing by v1 X.509 certificates. Also added a function to allow setting the verification flags in the credentials structure.
Diffstat (limited to 'includes')
-rw-r--r-- | includes/gnutls/x509.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/includes/gnutls/x509.h b/includes/gnutls/x509.h index 16b4fefd27..ecc2cc6254 100644 --- a/includes/gnutls/x509.h +++ b/includes/gnutls/x509.h @@ -157,9 +157,13 @@ int gnutls_pkcs7_get_certificate(gnutls_pkcs7 pkcs7, int indx, */ typedef enum gnutls_certificate_verify_flags { - GNUTLS_VERIFY_DISABLE_CA_SIGN=1 /* if set a signer does not have to be + GNUTLS_VERIFY_DISABLE_CA_SIGN=1, /* if set a signer does not have to be * a certificate authority. */ + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT=2 /* Allow CA certificates that have version 1. + * This might be dangerous since those haven't + * the basicConstraints extension. + */ } gnutls_certificate_verify_flags; int gnutls_x509_crt_check_issuer( gnutls_x509_crt cert, |