Forbid repeated X.509 extensions

commit: 8a5e3d4a4011f3f2142e15a23ad98fa7c7753b6e [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Nov 12 17:47:28 2014 +0100
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Nov 12 18:13:58 2014 +0100
tree: 9eb1f0ee55bbe731a5f44febb52c7151a4f9d97c
parent: d681443f69080ec68f2323e7f53fae2f863d69ee [diff] [blame]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 525d250..5273c3a 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -481,6 +481,10 @@
             continue;
         }
 
+        /* Forbid repeated extensions */
+        if( ( crt->ext_types & ext_type ) != 0 )
+            return( POLARSSL_ERR_X509_INVALID_EXTENSIONS );
+
         crt->ext_types |= ext_type;
 
         switch( ext_type )
commit	8a5e3d4a4011f3f2142e15a23ad98fa7c7753b6e	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Wed Nov 12 17:47:28 2014 +0100
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Wed Nov 12 18:13:58 2014 +0100
tree	9eb1f0ee55bbe731a5f44febb52c7151a4f9d97c
parent	d681443f69080ec68f2323e7f53fae2f863d69ee [diff] [blame]