summaryrefslogtreecommitdiffstats
path: root/crypto/x509v3
diff options
context:
space:
mode:
authorBen Laurie <ben@openssl.org>2012-12-14 12:53:53 +0000
committerBen Laurie <ben@openssl.org>2012-12-14 12:53:53 +0000
commitd65b8b2162f33ac0d53dace588a0847ed827626c (patch)
tree7fc5f91d14728ccb6934605677bd537b847e6998 /crypto/x509v3
parent5dca1e338c068931a1cdcb76d8db303a3d3dce25 (diff)
Backport OCSP fixes.
Diffstat (limited to 'crypto/x509v3')
-rw-r--r--crypto/x509v3/v3_purp.c6
-rw-r--r--crypto/x509v3/x509v3.h1
2 files changed, 6 insertions, 1 deletions
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 2cc75eecaa..b1eeaf9cf1 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -87,7 +87,7 @@ static X509_PURPOSE xstandard[] = {
{X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
{X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
{X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
- {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
+ {X509_PURPOSE_OCSP_HELPER, X509_TRUST_OCSP_SIGN, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
{X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL},
};
@@ -447,6 +447,10 @@ static void x509v3_cache_extensions(X509 *x)
case NID_dvcs:
x->ex_xkusage |= XKU_DVCS;
break;
+
+ case NID_anyExtendedKeyUsage:
+ x->ex_xkusage |= XKU_ANYEKU;
+ break;
}
}
sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index b308abe7cd..34909475ae 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -451,6 +451,7 @@ struct ISSUING_DIST_POINT_st
#define XKU_OCSP_SIGN 0x20
#define XKU_TIMESTAMP 0x40
#define XKU_DVCS 0x80
+#define XKU_ANYEKU 0x100
#define X509_PURPOSE_DYNAMIC 0x1
#define X509_PURPOSE_DYNAMIC_NAME 0x2