Support faulty X509 v1 certificates with extensions (POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)

commit: c27c4e2efb0656e27103a7f59c819a2cdbdc5588 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Mon Sep 23 15:01:36 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Sep 23 15:01:36 2013 +0200
tree: cbab868288704d563999ebc16e8d07877123047d
parent: 15b9b3a7e074421ff2e1febba0dbb8a340e74c4f [diff] [blame]
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index aa35af2..737e5b4 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h

@@ -661,6 +661,17 @@
 #define POLARSSL_SSL_TRUNCATED_HMAC
 
 /**
+ * \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ *
+#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
+ */
+
+/**
  * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
  *
  * If set, the X509 parser will not break-off when parsing an X509 certificate
commit	c27c4e2efb0656e27103a7f59c819a2cdbdc5588	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Mon Sep 23 15:01:36 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Sep 23 15:01:36 2013 +0200
tree	cbab868288704d563999ebc16e8d07877123047d
parent	15b9b3a7e074421ff2e1febba0dbb8a340e74c4f [diff] [blame]