sync
This commit is contained in:
parent
451579e149
commit
a2dd1eda92
GPG key ID:
F42C07F07E2E35B7
89 changed files with 1343 additions and 775 deletions
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x509_purp.c,v 1.25 2023/04/23 21:49:15 job Exp $ */
|
||||
/* $OpenBSD: x509_purp.c,v 1.26 2023/06/20 14:21:19 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2001.
|
||||
*/
|
||||
|
|
@ -449,6 +449,7 @@ x509v3_cache_extensions_internal(X509 *x)
|
|||
ASN1_BIT_STRING *ns;
|
||||
EXTENDED_KEY_USAGE *extusage;
|
||||
X509_EXTENSION *ex;
|
||||
long version;
|
||||
int i;
|
||||
|
||||
if (x->ex_flags & EXFLAG_SET)
|
||||
|
|
@ -456,12 +457,18 @@ x509v3_cache_extensions_internal(X509 *x)
|
|||
|
||||
X509_digest(x, X509_CERT_HASH_EVP, x->hash, NULL);
|
||||
|
||||
/* V1 should mean no extensions ... */
|
||||
if (X509_get_version(x) == 0) {
|
||||
version = X509_get_version(x);
|
||||
if (version < 0 || version > 2)
|
||||
x->ex_flags |= EXFLAG_INVALID;
|
||||
if (version == 0) {
|
||||
x->ex_flags |= EXFLAG_V1;
|
||||
if (X509_get_ext_count(x) != 0)
|
||||
/* UIDs may only appear in v2 or v3 certs */
|
||||
if (x->cert_info->issuerUID != NULL ||
|
||||
x->cert_info->subjectUID != NULL)
|
||||
x->ex_flags |= EXFLAG_INVALID;
|
||||
}
|
||||
if (version != 2 && X509_get_ext_count(x) != 0)
|
||||
x->ex_flags |= EXFLAG_INVALID;
|
||||
|
||||
/* Handle basic constraints */
|
||||
if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &i, NULL))) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue