cryptography
x509 verification fails on critical EKU
If any certificate in the verification chain has a critical EKU, verification will fail. RFC 5280 (and X.509 in general) allows EKU to be either critical or non-critical for any certificate. I've attached a test script and 2 different sets of certs (one that works, one that fails). Both sets pass `openssl verify -x509_strict`.
The script takes the root cert as the first argument (-cacert.pem) and the to-be-verified client cert as the second (-testuser-cert.pem).
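To find which certificate in a chain carries the critical EKU described in this report, the sketch below reads the extension's critical flag with the `cryptography` x509 API. It is an added example, not the attached test script or the project's own code; the helper names (`make_cert`, `critical_eku_report`, `sample_chains`) and the two sample chains are constructed for illustration.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID


def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])


def make_cert(cn, key, issuer_cn, issuer_key, eku_critical):
    """Constructed sample certificate; eku_critical=None omits EKU entirely."""
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (
        x509.CertificateBuilder()
        .subject_name(_name(cn))
        .issuer_name(_name(issuer_cn))
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(days=1))
        .not_valid_after(now + datetime.timedelta(days=30))
    )
    if eku_critical is not None:
        eku = x509.ExtendedKeyUsage([ExtendedKeyUsageOID.CLIENT_AUTH])
        builder = builder.add_extension(eku, critical=eku_critical)
    return builder.sign(issuer_key, hashes.SHA256())


def critical_eku_report(chain):
    """Return (subject CN, EKU state) per cert: absent, non-critical or critical."""
    report = []
    for cert in chain:
        cn = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
        try:
            ext = cert.extensions.get_extension_for_class(x509.ExtendedKeyUsage)
            state = "critical" if ext.critical else "non-critical"
        except x509.ExtensionNotFound:
            state = "absent"
        report.append((cn, state))
    return report


def sample_chains():
    """Two constructed chains that differ only in the leaf's EKU critical flag."""
    root_key = ec.generate_private_key(ec.SECP256R1())
    leaf_key = ec.generate_private_key(ec.SECP256R1())
    root = make_cert("Sample Root", root_key, "Sample Root", root_key, None)
    ok = make_cert("testuser", leaf_key, "Sample Root", root_key, False)
    bad = make_cert("testuser", leaf_key, "Sample Root", root_key, True)
    return [ok, root], [bad, root]
```

For certificates on disk, load each file with `x509.load_pem_x509_certificate` and pass the resulting list to `critical_eku_report`.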