diff options
| author | tb <> | 2021-10-21 13:51:52 +0000 |
|---|---|---|
| committer | tb <> | 2021-10-21 13:51:52 +0000 |
| commit | b88b3d86e88503bc42f456f4a11d85ff1ab66633 (patch) | |
| tree | 1b908443e17f69b17a6f874828e03aab24b9d450 | |
| parent | 8c7aab3491f9d8d5936ec5ee93e3ddc0efb458cb (diff) | |
| download | openbsd-b88b3d86e88503bc42f456f4a11d85ff1ab66633.tar.gz openbsd-b88b3d86e88503bc42f456f4a11d85ff1ab66633.tar.bz2 openbsd-b88b3d86e88503bc42f456f4a11d85ff1ab66633.zip | |
Add XKU_ANYEKU #define and use it to cache the anyExtendedKeyUsage
extension. This is part of OpenSSL commit df4c395c which didn't make
it into our tree for some reason.
ok jsing
| -rw-r--r-- | src/lib/libcrypto/x509/x509_purp.c | 6 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509v3.h | 5 |
2 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_purp.c b/src/lib/libcrypto/x509/x509_purp.c index 86ee27407e..3c05cc31b2 100644 --- a/src/lib/libcrypto/x509/x509_purp.c +++ b/src/lib/libcrypto/x509/x509_purp.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_purp.c,v 1.7 2021/09/13 15:26:53 claudio Exp $ */ | 1 | /* $OpenBSD: x509_purp.c,v 1.8 2021/10/21 13:51:52 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| @@ -549,6 +549,10 @@ x509v3_cache_extensions(X509 *x) | |||
| 549 | case NID_dvcs: | 549 | case NID_dvcs: |
| 550 | x->ex_xkusage |= XKU_DVCS; | 550 | x->ex_xkusage |= XKU_DVCS; |
| 551 | break; | 551 | break; |
| 552 | |||
| 553 | case NID_anyExtendedKeyUsage: | ||
| 554 | x->ex_xkusage |= XKU_ANYEKU; | ||
| 555 | break; | ||
| 552 | } | 556 | } |
| 553 | } | 557 | } |
| 554 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); | 558 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); |
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index abe93077a6..9467a666c5 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509v3.h,v 1.5 2021/09/02 13:48:39 job Exp $ */ | 1 | /* $OpenBSD: x509v3.h,v 1.6 2021/10/21 13:51:52 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -446,7 +446,7 @@ struct ISSUING_DIST_POINT_st | |||
| 446 | #define NS_OBJSIGN_CA 0x01 | 446 | #define NS_OBJSIGN_CA 0x01 |
| 447 | #define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) | 447 | #define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) |
| 448 | 448 | ||
| 449 | #define XKU_SSL_SERVER 0x1 | 449 | #define XKU_SSL_SERVER 0x1 |
| 450 | #define XKU_SSL_CLIENT 0x2 | 450 | #define XKU_SSL_CLIENT 0x2 |
| 451 | #define XKU_SMIME 0x4 | 451 | #define XKU_SMIME 0x4 |
| 452 | #define XKU_CODE_SIGN 0x8 | 452 | #define XKU_CODE_SIGN 0x8 |
| @@ -454,6 +454,7 @@ struct ISSUING_DIST_POINT_st | |||
| 454 | #define XKU_OCSP_SIGN 0x20 | 454 | #define XKU_OCSP_SIGN 0x20 |
| 455 | #define XKU_TIMESTAMP 0x40 | 455 | #define XKU_TIMESTAMP 0x40 |
| 456 | #define XKU_DVCS 0x80 | 456 | #define XKU_DVCS 0x80 |
| 457 | #define XKU_ANYEKU 0x100 | ||
| 457 | 458 | ||
| 458 | #define X509_PURPOSE_DYNAMIC 0x1 | 459 | #define X509_PURPOSE_DYNAMIC 0x1 |
| 459 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 | 460 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 |