From a52c9be0b2368168c53460d9ce0c67017b7e1352 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Fri, 3 Aug 2007 00:19:51 +0000
Subject: [PATCH] provide slightly helpful text for unknown CRL extensions.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21798 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/revoke.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/lib/hx509/revoke.c b/lib/hx509/revoke.c
index 588ff6281..997fa9307 100644
--- a/lib/hx509/revoke.c
+++ b/lib/hx509/revoke.c
@@ -673,10 +673,16 @@ hx509_revoke_verify(hx509_context context,
 	    crl->verified = 1;
 	}
 
-	if (crl->crl.tbsCertList.crlExtensions)
-	    for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++)
-		if (crl->crl.tbsCertList.crlExtensions->val[j].critical)
+	if (crl->crl.tbsCertList.crlExtensions) {
+	    for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++) {
+		if (crl->crl.tbsCertList.crlExtensions->val[j].critical) {
+		    hx509_set_error_string(context, 0, 
+					   HX509_CRL_UNKNOWN_EXTENSION,
+					   "Unknown CRL extension");
 		    return HX509_CRL_UNKNOWN_EXTENSION;
+		}
+	    }
+	}
 
 	if (crl->crl.tbsCertList.revokedCertificates == NULL)
 	    return 0;