Skip to content

Show an indicator of critical extensions in the openssl_x509_parse() … #20311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
StephenWall wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Show an indicator of critical extensions in the openssl_x509_parse() … #20311

StephenWall wants to merge 11 commits into from
+68 −33

Conversation

@StephenWall
Copy link
Contributor

@StephenWall StephenWall commented Oct 27, 2025

…output in a backwards compatible way.

Fixes #20310

@StephenWall StephenWall requested a review from bukka as a code owner October 27, 2025 17:31
@StephenWall StephenWall force-pushed the critical branch 5 times, most recently from 97e7639 to 208d4d4 Compare October 30, 2025 21:17
@bukka
Copy link
Member

bukka commented Dec 9, 2025

This looks slightly strange. How about a new field criticalExtension that would contain string array of critical extension names?

@StephenWall
Copy link
Contributor Author

StephenWall commented Dec 9, 2025

This looks slightly strange. How about a new field criticalExtension that would contain string array of critical extension names?

To clarify, $info['extensions'] is unchanged and a new $info['criticalExtensions'] has a list of the names of critical extensions?

$info['extensions'] => array (
  'basicConstraints' => 'CA:FALSE',
  ...
)

$info['criticalExtensions'] => array(
  'basicConstraints'
)

@bukka
Copy link
Member

bukka commented Dec 9, 2025

Yes, exactly.

@StephenWall
Copy link
Contributor Author

StephenWall commented Dec 10, 2025

OK, self test runs cleanly, I think this is set.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bukka bukka Awaiting requested review from bukka bukka is a code owner

Assignees

No one assigned

Labels

Extension: openssl

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

No critical extension indication in openssl_x509_parse() output.

2 participants

@StephenWall @bukka