mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-14 21:47:19 +02:00
Add subjectAltName to the list of known critical extensions
This commit is contained in:
Werner Koch
parent
e6ba1780cc
commit
05277262bc
2 changed files with 10 additions and 0 deletions
|
|
@ -1,3 +1,7 @@
|
||||||
|
2007-01-05 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* certchain.c (unknown_criticals): Add subjectAltName.
|
||||||
|
|
||||||
2006-12-21 Werner Koch <wk@g10code.com>
|
2006-12-21 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* gpgsm.c: Comment mtrace feature.
|
* gpgsm.c: Comment mtrace feature.
|
||||||
|
|
|
||||||
|
|
@ -137,6 +137,12 @@ unknown_criticals (ksba_cert_t cert, int listmode, FILE *fp)
|
||||||
{
|
{
|
||||||
static const char *known[] = {
|
static const char *known[] = {
|
||||||
"2.5.29.15", /* keyUsage */
|
"2.5.29.15", /* keyUsage */
|
||||||
|
"2.5.29.17", /* subjectAltName
|
||||||
|
Japanese DoCoMo certs mark them as critical. PKIX
|
||||||
|
only requires them as critical if subjectName is
|
||||||
|
empty. I don't know whether our code gracefully
|
||||||
|
handles such empry subjectNames but that is
|
||||||
|
another story. */
|
||||||
"2.5.29.19", /* basic Constraints */
|
"2.5.29.19", /* basic Constraints */
|
||||||
"2.5.29.32", /* certificatePolicies */
|
"2.5.29.32", /* certificatePolicies */
|
||||||
"2.5.29.37", /* extendedKeyUsage - handled by certlist.c */
|
"2.5.29.37", /* extendedKeyUsage - handled by certlist.c */
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue