aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2006-06-25 06:06:03 +0000
committerlloyd <[email protected]>2006-06-25 06:06:03 +0000
commitc245cbdee2e3df68fa626c7e48e1a2f9e8b83e6b (patch)
tree3b6a9771f4ad4ce0d2bcecab91d6012ebe0eee76
parent10a5f69fba2b5e5b5a93343c3e3f7a1e79879894 (diff)
Respect configuration parameters for if an extension should be
marked critical in a new certificate.
-rw-r--r--src/x509_ext.cpp16
1 files changed, 14 insertions, 2 deletions
diff --git a/src/x509_ext.cpp b/src/x509_ext.cpp
index ddb99a8fb..4cb462d5e 100644
--- a/src/x509_ext.cpp
+++ b/src/x509_ext.cpp
@@ -35,9 +35,21 @@ void Extensions::encode_into(DER_Encoder& to_object) const
{
const Certificate_Extension* ext = extensions[j];
- bool is_critical = false;
+ std::string setting;
- bool should_encode = ext->should_encode();
+ if(ext->config_id() != "")
+ setting = Config::get_string("x509/exts/" + ext->config_id());
+
+ if(setting == "")
+ setting = "yes";
+
+ if(setting != "yes" && setting != "no" && setting != "critical")
+ throw Invalid_Argument("X509_CA:: Invalid value for option "
+ "x509/exts/" + ext->config_id() + " of " +
+ setting);
+
+ bool is_critical = (setting == "critical");
+ bool should_encode = ext->should_encode() && (setting != "no");
if(should_encode)
{