summaryrefslogtreecommitdiff
path: root/app/openssl/crypto/x509v3
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2014-10-02 18:07:56 +0200
committerParménides GV <parmegv@sdf.org>2014-10-02 18:07:56 +0200
commit914c5156b014970dde717b9a27c0c69f11cc7d98 (patch)
treecb15666fb01b0f0410327ae7aaa23df444ac3b4c /app/openssl/crypto/x509v3
parent22b7ee4614a2f47d55496de8a9b55040c0f4ba85 (diff)
Binaries from r885 of ics-openvpn, ndk10b 32 bits.
We don't support 64 bits targets because of https://code.google.com/p/android/issues/detail?id=77004&thanks=77004&ts=1412248443.
Diffstat (limited to 'app/openssl/crypto/x509v3')
-rw-r--r--app/openssl/crypto/x509v3/v3_purp.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/app/openssl/crypto/x509v3/v3_purp.c b/app/openssl/crypto/x509v3/v3_purp.c
index ad688657..f59bfc18 100644
--- a/app/openssl/crypto/x509v3/v3_purp.c
+++ b/app/openssl/crypto/x509v3/v3_purp.c
@@ -389,8 +389,8 @@ static void x509v3_cache_extensions(X509 *x)
/* Handle proxy certificates */
if((pci=X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
if (x->ex_flags & EXFLAG_CA
- || X509_get_ext_by_NID(x, NID_subject_alt_name, 0) >= 0
- || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) {
+ || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
+ || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
x->ex_flags |= EXFLAG_INVALID;
}
if (pci->pcPathLengthConstraint) {
@@ -670,7 +670,7 @@ static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
return 0;
/* Extended Key Usage MUST be critical */
- i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, 0);
+ i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, -1);
if (i_ext >= 0)
{
X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext);