diff options
author | lloyd <[email protected]> | 2006-06-25 06:06:03 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2006-06-25 06:06:03 +0000 |
commit | c245cbdee2e3df68fa626c7e48e1a2f9e8b83e6b (patch) | |
tree | 3b6a9771f4ad4ce0d2bcecab91d6012ebe0eee76 | |
parent | 10a5f69fba2b5e5b5a93343c3e3f7a1e79879894 (diff) |
Respect configuration parameters for if an extension should be
marked critical in a new certificate.
-rw-r--r-- | src/x509_ext.cpp | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/src/x509_ext.cpp b/src/x509_ext.cpp index ddb99a8fb..4cb462d5e 100644 --- a/src/x509_ext.cpp +++ b/src/x509_ext.cpp @@ -35,9 +35,21 @@ void Extensions::encode_into(DER_Encoder& to_object) const { const Certificate_Extension* ext = extensions[j]; - bool is_critical = false; + std::string setting; - bool should_encode = ext->should_encode(); + if(ext->config_id() != "") + setting = Config::get_string("x509/exts/" + ext->config_id()); + + if(setting == "") + setting = "yes"; + + if(setting != "yes" && setting != "no" && setting != "critical") + throw Invalid_Argument("X509_CA:: Invalid value for option " + "x509/exts/" + ext->config_id() + " of " + + setting); + + bool is_critical = (setting == "critical"); + bool should_encode = ext->should_encode() && (setting != "no"); if(should_encode) { |