security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Add subjectAltName to the list of known critical extensions

This commit is contained in:
Werner Koch 2007-01-05 11:49:19 +00:00
parent e6ba1780cc
commit 05277262bc
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sm/ChangeLog
View File

@ -1,3 +1,7 @@
2007-01-05 Werner Koch <wk@g10code.com>
* certchain.c (unknown_criticals): Add subjectAltName.
2006-12-21 Werner Koch <wk@g10code.com>
* gpgsm.c: Comment mtrace feature.

6
sm/certchain.c
View File

@ -137,6 +137,12 @@ unknown_criticals (ksba_cert_t cert, int listmode, FILE *fp)
{
static const char *known[] = {
"2.5.29.15", /* keyUsage */
"2.5.29.17", /* subjectAltName
Japanese DoCoMo certs mark them as critical. PKIX
only requires them as critical if subjectName is
empty. I don't know whether our code gracefully
handles such empry subjectNames but that is
another story. */
"2.5.29.19", /* basic Constraints */
"2.5.29.32", /* certificatePolicies */
"2.5.29.37", /* extendedKeyUsage - handled by certlist.c */