diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-06-08 13:35:47 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-06-14 10:03:13 +0200 |
| commit | e793d65acdcf37ac84cab0b9cfe9459a1793d7df (patch) | |
| tree | b57f00974646fe05577ec7dddec3c54896174204 /src/libstrongswan/plugins/openssl | |
| parent | dad4f6a178af841ecc5b01d830c3610027f8b84e (diff) | |
| download | strongswan-e793d65acdcf37ac84cab0b9cfe9459a1793d7df.tar.bz2 strongswan-e793d65acdcf37ac84cab0b9cfe9459a1793d7df.tar.xz | |
openssl: Properly handle flags in key usage extension
Diffstat (limited to 'src/libstrongswan/plugins/openssl')
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_x509.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index e95eb729b..e03a4255d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -686,15 +686,13 @@ static bool parse_keyUsage_ext(private_openssl_x509_t *this, { flags |= usage->data[1] << 8; } - switch (flags) + if (flags & X509v3_KU_CRL_SIGN) { - case X509v3_KU_CRL_SIGN: - this->flags |= X509_CRL_SIGN; - break; - case X509v3_KU_KEY_CERT_SIGN: - /* we use the caBasicContraint, MUST be set */ - default: - break; + this->flags |= X509_CRL_SIGN; + } + if (flags & X509v3_KU_KEY_CERT_SIGN) + { + /* we use the caBasicContraint, MUST be set */ } } ASN1_BIT_STRING_free(usage); |