diff options
Diffstat (limited to 'ssl/ssl_rsa.c')
-rw-r--r-- | ssl/ssl_rsa.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index b32a7b90bb..3a222e5571 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -14,6 +14,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/x509.h> +#include <openssl/x509v3.h> #include <openssl/pem.h> static int ssl_set_cert(CERT *c, X509 *x509); @@ -31,6 +32,10 @@ int SSL_use_certificate(SSL *ssl, X509 *x) SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (!X509v3_cache_extensions(x, ssl->ctx->libctx, ssl->ctx->propq)) { + SSLerr(0, ERR_LIB_X509); + return 0; + } rv = ssl_security_cert(ssl, NULL, x, 0, 1); if (rv != 1) { SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv); @@ -305,6 +310,10 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (!X509v3_cache_extensions(x, ctx->libctx, ctx->propq)) { + SSLerr(0, ERR_LIB_X509); + return 0; + } rv = ssl_security_cert(NULL, ctx, x, 0, 1); if (rv != 1) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv); |