openbsd/src/lib/libcrypto/x509, branch libressl-v2.4.0

openbsd/src/lib/libcrypto/x509, branch libressl-v2.4.0 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.4.0 2016-03-21T04:05:33+00:00 Return zero from two functions on allocation failure instead of always 2016-03-21T04:05:33+00:00 mmcc 2016-03-21T04:05:33+00:00 urn:sha1:d3d50bbe74e3efe3344fcfcdc1de5f0e17b603a7 returning one (indicating success). Each function has only a single usage, and both usages check the return value. Merged from BoringSSL 0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c: https://boringssl.googlesource.com/boringssl/+/0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c%5E!/#F0 ok beck@ X509_free(3) is NULL-safe, so remove NULL checks before its calls. 2016-03-11T07:08:45+00:00 mmcc 2016-03-11T07:08:45+00:00 urn:sha1:3935f3d5bc0215b231fcd3c9f9ebd7cf653cfcde ok doug@ initialize ok to 0 2015-12-14T03:38:13+00:00 beck 2015-12-14T03:38:13+00:00 urn:sha1:545369100a8463914bf7c95aeeca1f420d169b55 ok guenther@ Stop supporing "legcay" time formats that OpenSSL supports. Rewrite the 2015-10-19T16:32:37+00:00 beck 2015-10-19T16:32:37+00:00 urn:sha1:6f20e3b7bc4e6801abfde111c397198fb23a59ec utctime and gentime wrappers accordingly. Along with some other cleanup. this also removes the need for timegm. ok bcook@ sthen@ jsing@ Convert a number of the old ASN1_{d2i,i2d}_{bio,fp}_of() macros to 2015-10-13T14:03:26+00:00 jsing 2015-10-13T14:03:26+00:00 urn:sha1:2c4986af365cae2c693ad8a02bcb6f1e4e6b80cb ASN1_item_{d2i,i2d}_{bio,fp}() function calls. ok beck@ doug@ Flense the greasy black guts of unreadble string parsing code out of three areas 2015-10-02T15:04:45+00:00 beck 2015-10-02T15:04:45+00:00 urn:sha1:0fdba47b730ef7a8d2107e42c5db7b2a3e008a8f in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@ s/M_ASN1_TIME_free/ASN1_TIME_free/ 2015-09-30T17:49:59+00:00 jsing 2015-09-30T17:49:59+00:00 urn:sha1:40e8ba9c4d631b50c0d5d6298e3e88a1fc3b90a8 Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this is 2015-09-30T17:30:16+00:00 jsing 2015-09-30T17:30:16+00:00 urn:sha1:56c28c591a2d58b6dda7237a4962fc6f6b0eca75 different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@ Add support for disabling certificate and CRL validity checking. 2015-09-14T16:13:39+00:00 jsing 2015-09-14T16:13:39+00:00 urn:sha1:33cb993a8d2c13b5765b3a3f9538892658ae6665 Loosely based on changes in OpenSSL. ok beck@ Reorder functions for readability/consistency. 2015-09-13T15:59:30+00:00 jsing 2015-09-13T15:59:30+00:00 urn:sha1:e1e5c9f78b74257912dbabd424ccb6d6cf346746