Reject certificates with unhandled critical extensions.

author: Dr. Stephen Henson <steve@openssl.org> 2001-10-21 02:09:15 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2001-10-21 02:09:15 +0000
commit: f1558bb4243d83781793ed758367bd71d0983a35 (patch)
tree: e1971f6bf6360b9cd2e1fad6ad8f77ed4b916063 /crypto/x509/x509_txt.c
parent: 6ca487992bc63d45f9780c6b83eecf025830e34b (diff)
download: openssl-new-f1558bb4243d83781793ed758367bd71d0983a35.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index bcf38a6c91..4f83db8ba2 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -144,6 +144,9 @@ const char *X509_verify_cert_error_string(long n)
 	case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
 		return("unable to get CRL issuer certificate");
 
+	case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+		return("unhandled critical extension");
+
 	default:
 		sprintf(buf,"error number %ld",n);
 		return(buf);
author	Dr. Stephen Henson <steve@openssl.org>	2001-10-21 02:09:15 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2001-10-21 02:09:15 +0000
commit	f1558bb4243d83781793ed758367bd71d0983a35 (patch)
tree	e1971f6bf6360b9cd2e1fad6ad8f77ed4b916063 /crypto/x509/x509_txt.c
parent	6ca487992bc63d45f9780c6b83eecf025830e34b (diff)
download	openssl-new-f1558bb4243d83781793ed758367bd71d0983a35.tar.gz