git.ipfire.org Git - thirdparty/strongswan.git/commit

]> git.ipfire.org Git - thirdparty/strongswan.git/commit

projects / thirdparty / strongswan.git / commit

author	Tobias Brunner <tobias@strongswan.org>
	Wed, 29 Jul 2020 16:40:20 +0000 (18:40 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 5 Oct 2020 13:39:37 +0000 (15:39 +0200)
commit	7f170e4c9cb618c25ba7b85fa370db5265bbf15a
tree	f045921ce85645cb3f5f86b3391f11df3d6cc205	tree
parent	428c0b293d57faf9cb5173965bfccc5e3d4e8394	commit \| diff

openssl: Accept CRLs issued by non-CA certificates with cRLSign keyUsage flag

The x509 plugin accepted CRL signers since forever, to be precise, since
dffb176f2bc0 ("CRLSign keyUsage or CA basicConstraint are sufficient
for CRL validation")).

References #3529.

src/libstrongswan/plugins/openssl/openssl_crl.c

diff | blob | blame | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom