oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

BasicConstraints vs criticality bit is complicated and not really

Browse Source 
possible to evaluate on its own, silly RFC3280.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19820 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-01-10 22:11:34 +00:00
parent 72a7e4b1cb
commit e797c5a42c
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/hx509/print.c
View File

@@ -450,8 +450,12 @@ check_basicConstraints(hx509_validate_ctx ctx,
"\tpathLenConstraint: %d\n", *b.pathLenConstraint);
if (b.cA) {
if (*b.cA)
if (*b.cA) {
if (!e->critical)
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"Is a CA and not BasicConstraints CRITICAL\n");
status->isca = 1;
}
else
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"cA is FALSE, not allowed to be\n");
@@ -487,7 +491,7 @@ struct {
{ ext(keyUsage, Null), S_C },
{ ext(subjectAltName, subjectAltName), M_N_C },
{ ext(issuerAltName, issuerAltName), S_N_C },
{ ext(basicConstraints, basicConstraints), M_C },
{ ext(basicConstraints, basicConstraints), D_C },
{ ext(cRLNumber, Null), M_N_C },
{ ext(cRLReason, Null), M_N_C },
{ ext(holdInstructionCode, Null), M_N_C },