add -trusted_first option and verify flag

commit: db28aa86e00b9121bee94d1e65506bf22d5ca6e3 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Thu Feb 25 12:21:48 2010 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Thu Feb 25 12:21:48 2010 +0000
tree: ffda33fe5c02e8d50223ecc29229b0c7b189dc26
parent: 2da2ff50650c8e372f7a0e0bc8d0091bc230517d [diff] [blame]
diff --git a/CHANGES b/CHANGES
index 7aae336..1a7d4c3 100644
--- a/CHANGES
+++ b/CHANGES

@@ -4,6 +4,10 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
+  *) Add -trusted_first option which attempts to find certificates in the
+     trusted store even if an untrusted chain is also supplied.
+     [Steve Henson]
+
   *) Initial experimental support for explicitly trusted non-root CAs. 
      OpenSSL still tries to build a complete chain to a root but if an
      intermediate CA has a trust setting included that is used. The first
commit	db28aa86e00b9121bee94d1e65506bf22d5ca6e3	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Thu Feb 25 12:21:48 2010 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Thu Feb 25 12:21:48 2010 +0000
tree	ffda33fe5c02e8d50223ecc29229b0c7b189dc26
parent	2da2ff50650c8e372f7a0e0bc8d0091bc230517d [diff] [blame]