Recognize critical IssuingDistributionPoint CRL extension
This commit is contained in:
parent
0a013e1af5
commit
126778679f
|
@ -48,7 +48,7 @@
|
|||
0x17 "holdInstructionCode"
|
||||
0x18 "invalidityDate"
|
||||
0x1B "deltaCrlIndicator" OID_DELTA_CRL_INDICATOR
|
||||
0x1C "issuingDistributionPoint"
|
||||
0x1C "issuingDistributionPoint" OID_ISSUING_DIST_POINT
|
||||
0x1D "certificateIssuer"
|
||||
0x1E "nameConstraints" OID_NAME_CONSTRAINTS
|
||||
0x1F "crlDistributionPoints" OID_CRL_DISTRIBUTION_POINTS
|
||||
|
|
|
@ -464,6 +464,10 @@ static bool parse_extensions(private_openssl_crl_t *this)
|
|||
case NID_crl_number:
|
||||
ok = parse_crlNumber_ext(this, ext);
|
||||
break;
|
||||
case NID_issuing_distribution_point:
|
||||
/* TODO support of IssuingDistributionPoints */
|
||||
ok = TRUE;
|
||||
break;
|
||||
default:
|
||||
ok = X509_EXTENSION_get_critical(ext) == 0 ||
|
||||
!lib->settings->get_bool(lib->settings,
|
||||
|
|
|
@ -320,6 +320,9 @@ static bool parse(private_x509_crl_t *this)
|
|||
}
|
||||
this->baseCrlNumber = object;
|
||||
break;
|
||||
case OID_ISSUING_DIST_POINT:
|
||||
/* TODO support of IssuingDistributionPoints */
|
||||
break;
|
||||
default:
|
||||
if (critical && lib->settings->get_bool(lib->settings,
|
||||
"libstrongswan.x509.enforce_critical", TRUE))
|
||||
|
|
Loading…
Reference in New Issue