From e0b445c6976155525b005e3f2559763d82a0d9e6 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Fri, 11 Aug 2006 23:28:44 +0000
Subject: Add NID_certificate_policies to the list of supported extensions so
 that our certificates will stop throwing critical exception errors. This
 should be ok since "openssl verify" at least claims to be checking policies
 if given the (undocumented) -policy etc switches. (needs further testing).

svn path=/openssl/trunk/crypto/x509v3/v3_purp.c; revision=149
---
 openssl/trunk/crypto/x509v3/v3_purp.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'openssl/trunk/crypto/x509v3/v3_purp.c')

diff --git a/openssl/trunk/crypto/x509v3/v3_purp.c b/openssl/trunk/crypto/x509v3/v3_purp.c
index d5f2166a..ae05b39b 100644
--- a/openssl/trunk/crypto/x509v3/v3_purp.c
+++ b/openssl/trunk/crypto/x509v3/v3_purp.c
@@ -285,6 +285,7 @@ int X509_supported_extension(X509_EXTENSION *ex)
         	NID_key_usage,		/* 83 */
 		NID_subject_alt_name,	/* 85 */
 		NID_basic_constraints,	/* 87 */
+		NID_certificate_policies, /* 89 */
         	NID_ext_key_usage,	/* 126 */
 		NID_sbgp_ipAddrBlock,	/* 290 */
 		NID_sbgp_autonomousSysNum, /* 291 */
-- 
cgit v1.2.3