Add support for CRLs partitioned by reason code.

Tidy CRL scoring system. Add new CRL path validation error.
author: Dr. Stephen Henson <steve@openssl.org> 2008-08-29 11:37:21 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2008-08-29 11:37:21 +0000
commit: 4b96839f069a2c9fef3d1feffca2880361181544 (patch)
tree: 629a9c6b65416dce84e31731bcc9a24f77dae7db /crypto/x509v3/v3_purp.c
parent: 249a77f5fb6407185e0a6ad44cd88eda2b6f8946 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index bdf72227e5..2234bf147a 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -318,6 +318,16 @@ static void setup_dp(X509 *x, DIST_POINT *dp)
 	{
 	X509_NAME *iname = NULL;
 	int i;
+	if (dp->reasons)
+		{
+		if (dp->reasons->length > 0)
+			dp->dp_reasons = dp->reasons->data[0];
+		if (dp->reasons->length > 1)
+			dp->dp_reasons |= (dp->reasons->data[1] << 8);
+		dp->dp_reasons &= CRLDP_ALL_REASONS;
+		}
+	else
+		dp->dp_reasons = CRLDP_ALL_REASONS;
 	if (!dp->distpoint || (dp->distpoint->type != 1))
 		return;
 	for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++)
author	Dr. Stephen Henson <steve@openssl.org>	2008-08-29 11:37:21 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2008-08-29 11:37:21 +0000
commit	4b96839f069a2c9fef3d1feffca2880361181544 (patch)
tree	629a9c6b65416dce84e31731bcc9a24f77dae7db /crypto/x509v3/v3_purp.c
parent	249a77f5fb6407185e0a6ad44cd88eda2b6f8946 (diff)