This bug is present in both 0.9.7 and 0.9.8 branches. Function
X509v3_get_ext_by_critical() implemented in crypto/x509/x509_v3.c returns
only critical extensions regardless of the value of the second parameter
crit. The problem is in the following statement (line 118):
if ( ((ex->critical > 0) && crit) ||
(!(ex->critical <= 0) && !crit))
return(lastpos);
}
I believe that it was meant to be:
if ( ((ex->critical > 0) && crit) ||
((ex->critical <= 0) && !crit))
return(lastpos);
}
--
Ville Hallik
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
