Apply patches to openvpn3 dependencies

Sergey Abramchuk
2020-03-04 11:57:35 +03:00
parent 1e77a600a4
commit 6b782a9309
15 changed files with 212 additions and 18 deletions
+8 -2
@@ -539,6 +539,7 @@ static int x509_get_crt_ext( unsigned char **p,
int ret;
size_t len;
unsigned char *end_ext_data, *end_ext_octet;
int is_supported;
if( *p == end )
return( 0 );
@@ -593,9 +594,9 @@ static int x509_get_crt_ext( unsigned char **p,
/*
* Detect supported extensions
*/
ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type );
ret = mbedtls_oid_get_x509_ext_type_supported( &extn_oid, &ext_type, &is_supported );
if( ret != 0 )
if( ( ret != 0 ) || ( is_supported == 0 ) )
{
/* No parser found, skip extension */
*p = end_ext_octet;
@@ -603,6 +604,10 @@ static int x509_get_crt_ext( unsigned char **p,
#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
if( is_critical )
{
/* Do not fail if extension is found, but unsupported and allowed in runtime */
if( ( ret == 0 ) && ( ext_type & crt->allowed_unsupported_critical_exts ) )
continue;
/* Data is marked as critical: fail */
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
@@ -956,6 +961,7 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu
prev = crt;
mbedtls_x509_crt_init( crt->next );
crt->next->allowed_unsupported_critical_exts = crt->allowed_unsupported_critical_exts;
crt = crt->next;
}
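Review bot: In the third hunk of x509_get_crt_ext, a critical extension whose type bit is set in `crt->allowed_unsupported_critical_exts` is skipped with `continue` and its contents are never parsed, which relaxes the RFC 5280 rule that a certificate with an unrecognized critical extension is rejected. The code should say who takes over that check, for example `/* Caller opted in via allowed_unsupported_critical_exts and must enforce this extension's semantics itself; its contents are not parsed here */`. The existing `/* No parser found, skip extension */` comment also no longer describes the added `is_supported == 0` case. The last hunk copies the mask to every `crt->next`, so the relaxation applies to each certificate appended to the chain rather than only the first; that is worth documenting where the field is declared, together with the assumption that `mbedtls_x509_crt_init` leaves it zero (neither the declaration nor the init body is visible on this page). Both function bodies continue outside the hunks shown.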