TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / df48efa77a697ce44629eab5836649a9ab2966ff^! / .
commitdf48efa77a697ce44629eab5836649a9ab2966ff[log] [tgz]
authorRon Eldor <Ron.Eldor@arm.com>Mon Apr 08 13:28:24 2019 +0300
committerRon Eldor <Ron.Eldor@arm.com>Wed Apr 10 11:06:53 2019 +0300
tree6dbd3a72c0840e195a51cde7b9f5c8ebf9f3f947
parent57773d4ede814fd94ebcffc92b1b81186c2856de [diff]
Skip uncritical unsupported extensions

Skip extensions that have support in the `oid` layer`, but
no parser found in the x509 layer, in case these are not critical.

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5d82816..8024b51 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -820,7 +820,17 @@
             break;
 
         default:
-            return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+            /*
+             * If this is a non-critical extension, which the oid layer
+             * supports, but there isn't an x509 parser for it,
+             * skip the extension.
+             */
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+            if( is_critical )
+                return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+            else
+#endif
+                *p = end_ext_octet;
         }
     }