[release-branch.go1.8] crypto/x509: reject intermediates with unknown critical extensions.
In https://golang.org/cl/9390 I messed up and put the critical extension test in the wrong function. Thus it only triggered for leaf certificates and not for intermediates or roots. In practice, this is not expected to have a security impact in the web PKI. [Merge conflicts resolved in verify_test.go] Change-Id: I4f2464ef2fb71b5865389901f293062ba1327702 Reviewed-on: https://go-review.googlesource.com/69294 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by:Russ Cox <rsc@golang.org> Reviewed-on: https://go-review.googlesource.com/70842 Run-TryBot: Russ Cox <rsc@golang.org> Reviewed-by:
Adam Langley <agl@golang.org>
Loading
Please sign in to comment