diff options
author | Rich Salz <rsalz@akamai.com> | 2015-07-09 14:54:13 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-07-14 07:46:20 -0400 |
commit | 5b89036c41a009a76cd0e1595dde5001ae157972 (patch) | |
tree | adf1d29e8b504cc62a6cf17c9c28216ca7af9ea9 /apps/verify.c | |
parent | e5c0bc6cc49a23b50a272801c4bd53639c25fca4 (diff) | |
download | openssl-new-5b89036c41a009a76cd0e1595dde5001ae157972.tar.gz |
Can't use -trusted with -CA{path,file}
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'apps/verify.c')
-rw-r--r-- | apps/verify.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/apps/verify.c b/apps/verify.c index a823d58a75..7fcd32a404 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -88,7 +88,7 @@ OPTIONS verify_options[] = { {"CApath", OPT_CAPATH, '/', "A directory of trusted certificates"}, {"CAfile", OPT_CAFILE, '<', "A file of trusted certificates"}, {"untrusted", OPT_UNTRUSTED, '<', "A file of untrusted certificates"}, - {"trusted", OPT_TRUSTED, '<', "A file of additional trusted certificates"}, + {"trusted", OPT_TRUSTED, '<', "A file of trusted certificates"}, {"CRLfile", OPT_CRLFILE, '<', "File containing one or more CRL's (in PEM format) to load"}, {"crl_download", OPT_CRL_DOWNLOAD, '-', @@ -180,6 +180,12 @@ int verify_main(int argc, char **argv) } argc = opt_num_rest(); argv = opt_rest(); + if (trustfile && (CAfile || CApath)) { + BIO_printf(bio_err, + "%s: Cannot use -trusted with -CAfile or -CApath\n", + prog); + goto end; + } if (!app_load_modules(NULL)) goto end; |