Closed mchldbrtl closed 1 year ago
Hi mchldbrtl thank you for bringing this enhancement.
Please make sure to add a unit test that specifically stresses the code that you have added.
This will be a prerequisite before the PR could be accepted.
Thank you! Is this ready to merge ?
Hi! It is ready indeed. Still, the appveyor CI fails in the very early stage with error:
The build phase is set to "MSBuild" mode (default), but no Visual Studio project or solution files were found in the root directory. If you are not building Visual Studio project switch build mode to "Script" and provide your custom build command.
Are you aware of the failures? I saw that happens for other jobs too. Thanks!
I found myself in a situation where an OPCUA server is offering me a certificate with the basicConstraints extension specifying
pathLength
but notCA
field. This is probably due to a malformed certificate but it is still correctly parsed by popular tools like openssl etc etc. The client then fails because the functionreadBasicConstraint2_5_29_19
expects theCA
field to be encountered first and thepathLength
second, possibly. Honestly, the literature and the real world examples are often misleading about the correct structure of this extension. I don't know if my suggestion is fully compliant with the specs but I hope it should provide a less stringent and more accepted approach for parsingbasicConstraints
extensions.