summaryrefslogtreecommitdiff
path: root/src/libstrongswan/plugins/openssl/openssl_crl.c
diff options
context:
space:
mode:
authorRené Mayrhofer <rene@mayrhofer.eu.org>2011-03-05 09:20:09 +0100
committerRené Mayrhofer <rene@mayrhofer.eu.org>2011-03-05 09:20:09 +0100
commit568905f488e63e28778f87ac0e38d845f45bae79 (patch)
treed9969a147e36413583ff4bc75542d34c955f8823 /src/libstrongswan/plugins/openssl/openssl_crl.c
parentf73fba54dc8b30c6482e1e8abf15bbf455592fcd (diff)
downloadvyos-strongswan-568905f488e63e28778f87ac0e38d845f45bae79.tar.gz
vyos-strongswan-568905f488e63e28778f87ac0e38d845f45bae79.zip
Imported Upstream version 4.5.1
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_crl.c')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crl.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c
index b9d97a901..58401faa5 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@@ -382,6 +382,8 @@ static private_openssl_crl_t *create_empty()
},
.get_serial = _get_serial,
.get_authKeyIdentifier = _get_authKeyIdentifier,
+ .is_delta_crl = (void*)return_false,
+ .create_delta_crl_uri_enumerator = (void*)enumerator_create_empty,
.create_enumerator = _create_enumerator,
},
},
@@ -458,7 +460,14 @@ static bool parse_extensions(private_openssl_crl_t *this)
ok = parse_crlNumber_ext(this, ext);
break;
default:
- ok = TRUE;
+ ok = X509_EXTENSION_get_critical(ext) == 0 ||
+ !lib->settings->get_bool(lib->settings,
+ "libstrongswan.x509.enforce_critical", TRUE);
+ if (!ok)
+ {
+ DBG1(DBG_LIB, "found unsupported critical X.509 "
+ "CRL extension");
+ }
break;
}
if (!ok)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 06:50:47 +0000