Recognize critical IssuingDistributionPoint CRL extension
authorAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 12 Jul 2013 07:00:47 +0000 (09:00 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 12 Jul 2013 07:00:47 +0000 (09:00 +0200)
src/libstrongswan/asn1/oid.txt
src/libstrongswan/plugins/openssl/openssl_crl.c
src/libstrongswan/plugins/x509/x509_crl.c

index 6030aa1..740dc50 100644 (file)
@@ -48,7 +48,7 @@
     0x17                     "holdInstructionCode"
     0x18                     "invalidityDate"
     0x1B                     "deltaCrlIndicator"               OID_DELTA_CRL_INDICATOR
-    0x1C                     "issuingDistributionPoint"
+    0x1C                     "issuingDistributionPoint"        OID_ISSUING_DIST_POINT
     0x1D                     "certificateIssuer"
     0x1E                     "nameConstraints"                 OID_NAME_CONSTRAINTS
     0x1F                     "crlDistributionPoints"   OID_CRL_DISTRIBUTION_POINTS
index d4f36f5..18aa5ce 100644 (file)
@@ -464,6 +464,10 @@ static bool parse_extensions(private_openssl_crl_t *this)
                                case NID_crl_number:
                                        ok = parse_crlNumber_ext(this, ext);
                                        break;
+                               case NID_issuing_distribution_point:
+                                       /* TODO support of IssuingDistributionPoints */
+                                       ok = TRUE;
+                                       break;
                                default:
                                        ok = X509_EXTENSION_get_critical(ext) == 0 ||
                                                 !lib->settings->get_bool(lib->settings,
index 5350d4a..efb70c9 100644 (file)
@@ -320,6 +320,9 @@ static bool parse(private_x509_crl_t *this)
                                                }
                                                this->baseCrlNumber = object;
                                                break;
+                                       case OID_ISSUING_DIST_POINT:
+                                               /* TODO support of IssuingDistributionPoints */
+                                               break;
                                        default:
                                                if (critical && lib->settings->get_bool(lib->settings,
                                                        "libstrongswan.x509.enforce_critical", TRUE))