ssl-proxies: Fix path validator when cert is lacking key usage extensions

jglobus / JGlobus

jGlobus is a collection of Java client libraries for Globus® Toolkit security, GRAM, and GridFTP.

http://www.globus.org/toolkit/jglobus/

Apache License 2.0

24 stars 44 forks source link

ssl-proxies: Fix path validator when cert is lacking key usage extensions #92

Closed gbehrmann closed 11 years ago

gbehrmann commented 11 years ago

270e41c6b59f5f113edd18cbad71956444f2090c introduced an enum to represent key usage bits. The patch broke the key usage check for non-proxy certs in that it did not deal correctly with the absence of the extension.

bbockelm commented 11 years ago

Shouldn't we also add a null-pointer check at line 520-or-so of X509ProxyCertPathValidator.java?

gbehrmann commented 11 years ago

That's a different getKeyUsage() method and that method does not return null.

bbockelm commented 11 years ago

Ok, in that case, I'm merging through...