New function PKCS7_signatureVerify to allow the signing certificate to be explicitly stated with PKCS#7 verify. Also fix for util/mkerr.pl: if the -nostatic option is being used this will be for an external library so the autogenerated C file should include the header file as: #include "any/path/to/header.h" rather than the internal library form: #include <openssl/header.h>
diff --git a/util/libeay.num b/util/libeay.num index 36c0cd4..4c49be6 100755 --- a/util/libeay.num +++ b/util/libeay.num
@@ -1817,3 +1817,4 @@ sk_ASN1_OBJECT_insert 1842 sk_ASN1_OBJECT_push 1843 d2i_ASN1_SET_OF_ASN1_OBJECT 1844 +PKCS7_signatureVerify 1845
diff --git a/util/mkerr.pl b/util/mkerr.pl index 60a3028..4b3bccb 100644 --- a/util/mkerr.pl +++ b/util/mkerr.pl
@@ -284,8 +284,14 @@ # Rewrite the C source file containing the error details. - $hfile =~ /([^\/]+)$/; - my $hincf = $1; + my $hincf; + if($static) { + $hfile =~ /([^\/]+)$/; + $hincf = "<openssl/$1>"; + } else { + $hincf = "\"$hfile\""; + } + open (OUT,">$cfile") || die "Can't open $cfile for writing"; @@ -351,7 +357,7 @@ #include <stdio.h> #include <openssl/err.h> -#include <openssl/$hincf> +#include $hincf /* BEGIN ERROR CODES */ #ifndef NO_ERR