Tolerate critical AKID in CRLs.

author Dr. Stephen Henson <steve@openssl.org>

Fri, 27 Jun 2014 17:49:32 +0000 (18:49 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 27 Jun 2014 17:50:19 +0000 (18:50 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 27 Jun 2014 17:49:32 +0000 (18:49 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 27 Jun 2014 17:50:19 +0000 (18:50 +0100)
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c

index a4dfee8473880123c0c38b7b61b4386ae586fb63..dc0106365a7d75229048996a6f9a3dfffa81a86c 100644 (file)
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -270,6 +270,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                                 {
                                 /* We handle IDP and deltas */
                                 if ((nid == NID_issuing_distribution_point)
                                 {
                                 /* We handle IDP and deltas */
                                 if ((nid == NID_issuing_distribution_point)
+                                       || (nid == NID_authority_key_identifier)
                                         || (nid == NID_delta_crl))
                                         break;;
                                 crl->flags |= EXFLAG_CRITICAL;
                                         || (nid == NID_delta_crl))
                                         break;;
                                 crl->flags |= EXFLAG_CRITICAL;
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 27 Jun 2014 17:49:32 +0000 (18:49 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 27 Jun 2014 17:50:19 +0000 (18:50 +0100)