Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / 3cccddb2386cb87777f905c85157dffc572f57c8^! / . / library / x509parse.c
commit3cccddb2386cb87777f905c85157dffc572f57c8[log] [tgz]
authorPaul Bakker <p.j.bakker@polarssl.org>Sun Jan 16 21:46:31 2011 +0000
committerPaul Bakker <p.j.bakker@polarssl.org>Sun Jan 16 21:46:31 2011 +0000
tree9bcc23e47ac5e31cc6b1c992194843c9a968c86b
parentb619499eb3e01d9dc1647ee74c89dce56f7f87d7 [diff] [blame]
 - Fixed identification of non-critical CA certificates


diff --git a/library/x509parse.c b/library/x509parse.c
index 62c2947..7a5fdad 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c

@@ -724,7 +724,6 @@
 
 static int x509_get_basic_constraints( unsigned char **p,
                                        const unsigned char *end,
-                                       int is_critical,
                                        int *ca_istrue,
                                        int *max_pathlen )
 {
@@ -735,7 +734,7 @@
      *      cA                      BOOLEAN DEFAULT FALSE,
      *      pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
      */
-    int is_cacert = 0; /* DEFAULT FALSE */
+    *ca_istrue = 0; /* DEFAULT FALSE */
     *max_pathlen = 0; /* endless */
 
     if( ( ret = asn1_get_tag( p, end, &len,
@@ -745,16 +744,16 @@
     if( *p == end )
         return 0;
 
-    if( ( ret = asn1_get_bool( p, end, &is_cacert ) ) != 0 )
+    if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
     {
         if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
-            ret = asn1_get_int( p, end, &is_cacert );
+            ret = asn1_get_int( p, end, ca_istrue );
 
         if( ret != 0 )
             return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
 
-        if( is_cacert != 0 )
-            is_cacert = 1;
+        if( *ca_istrue != 0 )
+            *ca_istrue = 1;
     }
 
     if( *p == end )
@@ -769,7 +768,6 @@
 
     (*max_pathlen)++;
 
-    *ca_istrue = is_critical & is_cacert;
     return 0;
 }
 
@@ -909,7 +907,7 @@
         {
             /* Parse basic constraints */
             if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
-                    is_critical, &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
+                    &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
                 return ( ret );
             crt->ext_types |= EXT_BASIC_CONSTRAINTS;
         }