diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-25 16:46:18 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-09-11 07:42:22 +0200 |
commit | da6c691d6d417ad413fdc1e7a7a183d005e7fefd (patch) | |
tree | f2aafc6b4b593e289ebf52719d8dd6ae427aeefe /crypto/x509/v3_purp.c | |
parent | 89f13ca4342be5b541b0885e3058617e5cce0de8 (diff) | |
download | openssl-new-da6c691d6d417ad413fdc1e7a7a183d005e7fefd.tar.gz |
check_chain_extensions(): Add check that on empty Subject the SAN must be marked critical
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12478)
Diffstat (limited to 'crypto/x509/v3_purp.c')
-rw-r--r-- | crypto/x509/v3_purp.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c index bced482df4..2d4098b629 100644 --- a/crypto/x509/v3_purp.c +++ b/crypto/x509/v3_purp.c @@ -608,6 +608,9 @@ int x509v3_cache_extensions(X509 *x) case NID_subject_key_identifier: x->ex_flags |= EXFLAG_SKID_CRITICAL; break; + case NID_subject_alt_name: + x->ex_flags |= EXFLAG_SAN_CRITICAL; + break; default: break; } |