Recognize critical IssuingDistributionPoint CRL extension

2013-07-12 09:00:47 +02:00 · 2013-07-12 09:00:47 +02:00 · 126778679f
parent 0a013e1af5
commit 126778679f
3 changed files with 8 additions and 1 deletions
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@ -48,7 +48,7 @@
    0x17                     "holdInstructionCode"
    0x18                     "invalidityDate"
    0x1B                     "deltaCrlIndicator"		OID_DELTA_CRL_INDICATOR
-    0x1C                     "issuingDistributionPoint"
+    0x1C                     "issuingDistributionPoint"	OID_ISSUING_DIST_POINT
    0x1D                     "certificateIssuer"
    0x1E                     "nameConstraints"			OID_NAME_CONSTRAINTS
    0x1F                     "crlDistributionPoints"	OID_CRL_DISTRIBUTION_POINTS
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@ -464,6 +464,10 @@ static bool parse_extensions(private_openssl_crl_t *this)
 				case NID_crl_number:
 					ok = parse_crlNumber_ext(this, ext);
 					break;
+				case NID_issuing_distribution_point:
+					/* TODO support of IssuingDistributionPoints */
+					ok = TRUE;
+					break;
 				default:
 					ok = X509_EXTENSION_get_critical(ext) == 0 ||
 						 !lib->settings->get_bool(lib->settings,
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@ -320,6 +320,9 @@ static bool parse(private_x509_crl_t *this)
 						}
 						this->baseCrlNumber = object;
 						break;
+					case OID_ISSUING_DIST_POINT:
+						/* TODO support of IssuingDistributionPoints */
+						break;
 					default:
 						if (critical && lib->settings->get_bool(lib->settings,
 							"libstrongswan.x509.enforce_critical", TRUE))