Emit warnings when unexpected X.509v3 extensions are encountered

author job <job@openbsd.org>

Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)

committer job <job@openbsd.org>

Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)
author job <job@openbsd.org>
Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)
committer job <job@openbsd.org>
Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)
diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c

index 0098c0e..19ec62b 100644 (file)
--- a/usr.sbin/rpki-client/cert.c
+++ b/usr.sbin/rpki-client/cert.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: cert.c,v 1.89 2022/09/03 21:24:02 job Exp $ */
+/*     $OpenBSD: cert.c,v 1.90 2022/11/02 23:20:59 job Exp $ */
  /*
   * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
   * Copyright (c) 2021 Job Snijders <job@openbsd.org>
@@ -689,13 +689,18 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len)
                         break;
                 case NID_ext_key_usage:
                         break;
+               case NID_basic_constraints:
+                       break;
+               case NID_key_usage:
+                       break;
                 default:
-                       /* {
+                       /* unexpected extensions warrant investigation */
+                       {
                                 char objn[64];
                                 OBJ_obj2txt(objn, sizeof(objn), obj, 0);
                                 warnx("%s: ignoring %s (NID %d)",
-                                       p.fn, objn, OBJ_obj2nid(obj));
-                       } */
+                                   p.fn, objn, OBJ_obj2nid(obj));
+                       }
                         break;
                 }
         }
author	job <job@openbsd.org>
	Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)
committer	job <job@openbsd.org>
	Wed, 2 Nov 2022 23:20:59 +0000 (23:20 +0000)