Cypherpunks.ru repositories - gostls13.git/commit

author	Adam Langley <agl@golang.org>
	Fri, 6 Oct 2017 19:46:22 +0000 (12:46 -0700)
committer	Russ Cox <rsc@golang.org>
	Wed, 25 Oct 2017 20:23:24 +0000 (20:23 +0000)
commit	bfc22319aa349f014a34d73cff074bf3cce0df9c
tree	48274935a6879282827cde422df120ec76d88d48	tree
parent	a1e34abfb388237c46eaa133e2737a72f5693e24	commit \| diff

[release-branch.go1.9] crypto/x509: reject intermediates with unknown critical extensions.

In https://golang.org/cl/9390 I messed up and put the critical extension
test in the wrong function. Thus it only triggered for leaf certificates
and not for intermediates or roots.

In practice, this is not expected to have a security impact in the web
PKI.

Change-Id: I4f2464ef2fb71b5865389901f293062ba1327702
Reviewed-on: https://go-review.googlesource.com/69294
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-on: https://go-review.googlesource.com/70983
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>

src/crypto/x509/verify.go		diff \| blob \| history
src/crypto/x509/verify_test.go		diff \| blob \| history
src/crypto/x509/x509_test.go		diff \| blob \| history