diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:06:40 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:06:40 +0100 |
| commit | f4a12fc67689a830e9da1c87fd11afe5bc09deb3 (patch) | |
| tree | 211ae0cd022a6c11b0026ecc7761a550c584583c /security/nss/cmd/certutil/certext.c | |
| parent | f7d30133221896638f7bf4f66c504255c4b14f48 (diff) | |
| download | UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.gz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.lz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.xz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.zip | |
Issue #1338 - Part 2: Update NSS to 3.48-RTM
Diffstat (limited to 'security/nss/cmd/certutil/certext.c')
| -rw-r--r-- | security/nss/cmd/certutil/certext.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/security/nss/cmd/certutil/certext.c b/security/nss/cmd/certutil/certext.c index 0be3eb120..501608c85 100644 --- a/security/nss/cmd/certutil/certext.c +++ b/security/nss/cmd/certutil/certext.c @@ -497,6 +497,13 @@ static const char *const "ocspResponder", "stepUp", "msTrustListSigning", + "x509Any", + "ipsecIKE", + "ipsecIKEEnd", + "ipsecIKEIntermediate", + "ipsecEnd", + "ipsecTunnel", + "ipsecUser", NULL }; static SECStatus @@ -517,6 +524,10 @@ AddExtKeyUsage(void *extHandle, const char *userSuppliedValue) while (1) { if (!userSuppliedValue) { + /* + * none of the 'new' extended key usage options work with the prompted menu. This is so + * old scripts can continue to work. + */ if (PrintChoicesAndGetAnswer( "\t\t0 - Server Auth\n" "\t\t1 - Client Auth\n" @@ -572,6 +583,45 @@ AddExtKeyUsage(void *extHandle, const char *userSuppliedValue) case 7: rv = AddOidToSequence(os, SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING); break; + /* + * These new usages can only be added explicitly by the userSuppliedValues. This allows old + * scripts which used '>7' as an exit value to continue to work. + */ + case 8: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_X509_ANY_EXT_KEY_USAGE); + break; + case 9: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_IPSEC_IKE); + break; + case 10: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_IPSEC_IKE_END); + break; + case 11: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_IPSEC_IKE_INTERMEDIATE); + break; + case 12: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_IPSEC_END); + break; + case 13: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_IPSEC_TUNNEL); + break; + case 14: + if (!userSuppliedValue) + goto endloop; + rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_IPSEC_USER); + break; default: goto endloop; } |