projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 00a0da2) | patch
Set X509_V_ERR_INVALID_EXTENSION error for invalid basic constraints
authorTomas Mraz <tmraz@fedoraproject.org>
Thu, 2 Apr 2020 15:31:21 +0000 (17:31 +0200)
committerTomas Mraz <tmraz@fedoraproject.org>
Mon, 6 Apr 2020 08:28:48 +0000 (10:28 +0200)
commit29e94f285f7f05b1aec6fa275e320bc5fa37ab1e
tree9e6f455bba33a22a6520754bf3d36cd62e5d915atree | snapshot
parent00a0da2f021e6a0bc9519a6a9e5be66d45e6fc91commit | diff
Set X509_V_ERR_INVALID_EXTENSION error for invalid basic constraints

If we encounter certificate with basic constraints CA:false,
pathlen present and X509_V_FLAG_X509_STRICT is set we set
X509_V_ERR_INVALID_EXTENSION error.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11463)

(cherry picked from commit fa86e2ee3533bb7fa9f3c62c38920cf960e9fec0)
crypto/x509/x509_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.