From c245cbdee2e3df68fa626c7e48e1a2f9e8b83e6b Mon Sep 17 00:00:00 2001 From: lloyd Date: Sun, 25 Jun 2006 06:06:03 +0000 Subject: Respect configuration parameters for if an extension should be marked critical in a new certificate. --- src/x509_ext.cpp | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/x509_ext.cpp b/src/x509_ext.cpp index ddb99a8fb..4cb462d5e 100644 --- a/src/x509_ext.cpp +++ b/src/x509_ext.cpp @@ -35,9 +35,21 @@ void Extensions::encode_into(DER_Encoder& to_object) const { const Certificate_Extension* ext = extensions[j]; - bool is_critical = false; + std::string setting; - bool should_encode = ext->should_encode(); + if(ext->config_id() != "") + setting = Config::get_string("x509/exts/" + ext->config_id()); + + if(setting == "") + setting = "yes"; + + if(setting != "yes" && setting != "no" && setting != "critical") + throw Invalid_Argument("X509_CA:: Invalid value for option " + "x509/exts/" + ext->config_id() + " of " + + setting); + + bool is_critical = (setting == "critical"); + bool should_encode = ext->should_encode() && (setting != "no"); if(should_encode) { -- cgit v1.2.3