Cypherpunks repositories - gostls13.git/commit

author	Roland Shoemaker <roland@golang.org>
	Mon, 2 May 2022 19:00:36 +0000 (12:00 -0700)
committer	Gopher Robot <gobot@golang.org>
	Fri, 6 May 2022 17:05:06 +0000 (17:05 +0000)
commit	0aee59736f53ca1ef29d53163f26c2fc21a4c415
tree	643a205d36cb68f0b3e4478f2f5cbf4e7db4d07f	tree
parent	5fcd1badf724db853784243b29711df209976873	commit \| diff

crypto/x509: fix EKU nesting enforcement

The path building rework broke the enforcement of EKU nesting, this
change goes back to using the old method of enforcement, since it ends
up being more efficient to check the chains after building, rather than
at each step during path building.

Fixes #52659

Change-Id: Ic7c3717a10c33905677cf7bc4bc0a20f5f15f259
Reviewed-on: https://go-review.googlesource.com/c/go/+/403554
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>

src/crypto/x509/name_constraints_test.go		diff \| blob \| history
src/crypto/x509/verify.go		diff \| blob \| history
src/crypto/x509/verify_test.go		diff \| blob \| history