x509: Add flag that marks compliance with RFC 4945
authorTobias Brunner <tobias@strongswan.org>
Wed, 25 Apr 2018 08:48:21 +0000 (10:48 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 22 May 2018 07:50:47 +0000 (09:50 +0200)
commit9fcf4fdda1acafbdebb099564e25633677877e55
treed8807909026fc3bc1da8f12328aacdd14d5b6fb6
parent598096e7a2332b974e0cd75f568dc0d38f8f7467
x509: Add flag that marks compliance with RFC 4945

According to RFC 4945, section 5.1.3.2, a certificate for IKE must
either not contain the keyUsage extension, or, if it does, have at least
one of the digitalSignature or nonReputiation bits set.
src/libstrongswan/credentials/certificates/x509.h