CVSROOT: /cvs Module name: src Changes by: b...@cvs.openbsd.org 2023/04/28 10:50:16
Modified files:
lib/libcrypto/x509: x509_verify.c x509_vfy.c x509_vfy.h
x509_vpm.c
regress/lib/libcrypto/x509/policy: policy.c
Log message:
Enable policy checking by default now that we are DAG implementation based.
This ensures that we will no longer silently ignore a certificate with
a critical policy extention by default.
ok tb@
