summaryrefslogtreecommitdiff
path: root/modules/ssl/ssl_private.h
diff options
context:
space:
mode:
Diffstat (limited to 'modules/ssl/ssl_private.h')
-rw-r--r--modules/ssl/ssl_private.h14
1 files changed, 8 insertions, 6 deletions
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 70b3ac22..7f6f9fd9 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -343,13 +343,15 @@ typedef enum {
|| (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))
/**
- * CRL checking modes
+ * CRL checking mask (mode | flags)
*/
typedef enum {
- SSL_CRLCHECK_UNSET = UNSET,
- SSL_CRLCHECK_NONE = 0,
- SSL_CRLCHECK_LEAF = 1,
- SSL_CRLCHECK_CHAIN = 2
+ SSL_CRLCHECK_NONE = (0),
+ SSL_CRLCHECK_LEAF = (1 << 0),
+ SSL_CRLCHECK_CHAIN = (1 << 1),
+
+#define SSL_CRLCHECK_FLAGS (~0x3)
+ SSL_CRLCHECK_NO_CRL_FOR_CERT_OK = (1 << 2)
} ssl_crlcheck_t;
/**
@@ -607,7 +609,7 @@ typedef struct {
/** certificate revocation list */
const char *crl_path;
const char *crl_file;
- ssl_crlcheck_t crl_check_mode;
+ int crl_check_mask;
#ifdef HAVE_OCSP_STAPLING
/** OCSP stapling options */
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-04 07:32:31 +0000