Cypherpunks repositories - gostls13.git/commit

author	Aaron Gable <aaron@letsencrypt.org>
	Tue, 28 Jun 2022 22:28:21 +0000 (15:28 -0700)
committer	Gopher Robot <gobot@golang.org>
	Thu, 7 Jul 2022 19:26:16 +0000 (19:26 +0000)
commit	486fc0177068277a51235c7794660b238e70d622
tree	329d84b700a36e37fac1334c6eeabeaab66207e0	tree
parent	8ac58de1857637f372a00ea16ab5497193b784a6	commit \| diff

crypto/x509: correctly parse CRL entry extensions

When checking to see if a CRL entry has any extensions, attempt to read
them from the individual revokedCertificate, rather than from the parent
TBSCertList.

Additionally, crlEntryExtensions is not an EXPLICIT field (c.f.
crlExtension and Certificate extensions), so do not perform an extra
layer of unwrapping when parsing the field.

The added test case fails without the accompanying changes.

Fixes #53592

Change-Id: Icc00e4c911f196aef77e3248117de64ddc5ea27f
Reviewed-on: https://go-review.googlesource.com/c/go/+/414877
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>

src/crypto/x509/parser.go		diff \| blob \| history
src/crypto/x509/x509_test.go		diff \| blob \| history