From 564d88a8bd190a21b362d6da535fccf74d33394d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 2 Dec 2019 10:55:33 +0100
Subject: openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains

Closes #4655
---
 include/curl/curl.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'include')

diff --git a/include/curl/curl.h b/include/curl/curl.h
index a6d555819..bef8a0bca 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -828,6 +828,10 @@ typedef enum {
    SSL backends where such behavior is present. */
 #define CURLSSLOPT_NO_REVOKE (1<<1)
 
+/* - NO_PARTIALCHAIN tells libcurl to *NOT* accept a partial certificate chain
+   if possible. The OpenSSL backend has this ability. */
+#define CURLSSLOPT_NO_PARTIALCHAIN (1<<2)
+
 /* The default connection attempt delay in milliseconds for happy eyeballs.
    CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3 and happy-eyeballs-timeout-ms.d document
    this value, keep them in sync. */
-- 
cgit v1.2.3