Skip to content

G
golang
Switch branch/tag
History Find file
  • Adam Langley's avatar
    crypto/x509, crypto/tls: improve root matching and observe CA flag. · 8e5f673d
    Adam Langley authored 
    The key/value format of X.500 names means that it's possible to encode
a name with multiple values for, say, organisation. RFC5280
doesn't seem to consider this, but there are Verisign root
certificates which do this and, in order to find the correct
root certificate in some cases, we need to handle it.

Also, CA certificates should set the CA flag and we now check
this. After looking at the other X.509 extensions it appears
that they are universally ignored/bit rotted away so we ignore
them.

R=rsc
CC=golang-dev
https://golang.org/cl/2249042
    8e5f673d
Name
Last commit
 Last update
..
Makefile Loading commit data...
alert.go Loading commit data...
ca_set.go Loading commit data...
common.go Loading commit data...
conn.go Loading commit data...
generate_cert.go Loading commit data...
handshake_client.go Loading commit data...
handshake_messages.go Loading commit data...
handshake_messages_test.go Loading commit data...
handshake_server.go Loading commit data...
handshake_server_test.go Loading commit data...
prf.go Loading commit data...
prf_test.go Loading commit data...
tls.go Loading commit data...