aboutsummaryrefslogtreecommitdiff
path: root/openssl/trunk/crypto/x509v3/v3_asid.c
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2006-08-16 07:40:43 +0000
committerRob Austein <sra@hactrn.net>2006-08-16 07:40:43 +0000
commit7eaa6a02cc58ae4cd47bdfc746bb3d256fe0693c (patch)
tree4df5b7a5e37b7e1e34e7ad248f8e283f270b43c2 /openssl/trunk/crypto/x509v3/v3_asid.c
parente8f93a484d9640c8c439e46a42cb878d7c2ea1de (diff)
Tweaks to get null inheritance working
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=160
Diffstat (limited to 'openssl/trunk/crypto/x509v3/v3_asid.c')
-rw-r--r--openssl/trunk/crypto/x509v3/v3_asid.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/openssl/trunk/crypto/x509v3/v3_asid.c b/openssl/trunk/crypto/x509v3/v3_asid.c
index 0ecafb0c..bcc00200 100644
--- a/openssl/trunk/crypto/x509v3/v3_asid.c
+++ b/openssl/trunk/crypto/x509v3/v3_asid.c
@@ -693,10 +693,11 @@ int v3_asid_validate_path(X509_STORE_CTX *ctx)
x = sk_X509_value(ctx->chain, i);
assert(x != NULL);
if (x->rfc3779_asid == NULL) {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+ if (child_as != NULL || child_rdi != NULL)
+ validation_err(X509_V_ERR_UNNESTED_RESOURCE);
continue;
}
- if (x->rfc3779_asid->asnum == NULL && (child_as != NULL || inherit_as)) {
+ if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
validation_err(X509_V_ERR_UNNESTED_RESOURCE);
child_as = NULL;
inherit_as = 0;
@@ -711,7 +712,7 @@ int v3_asid_validate_path(X509_STORE_CTX *ctx)
validation_err(X509_V_ERR_UNNESTED_RESOURCE);
}
}
- if (x->rfc3779_asid->rdi == NULL && (child_rdi != NULL || inherit_rdi)) {
+ if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
validation_err(X509_V_ERR_UNNESTED_RESOURCE);
child_rdi = NULL;
inherit_rdi = 0;
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-12 09:41:00 +0000