openbsd/src/lib/libcrypto/x509, branch libressl-v3.3.6

openbsd/src/lib/libcrypto/x509, branch libressl-v3.3.6 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.3.6 2021-09-30T18:25:43+00:00 Enable X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier. 2021-09-30T18:25:43+00:00 deraadt 2021-09-30T18:25:43+00:00 urn:sha1:8e81e40d0c1296f1862d4a6749edd4cba53c4a23 In order to work around the expired DST Root CA X3 certficiate, enable X509_V_FLAG_TRUSTED_FIRST in the legacy verifier. This means that the default chain provided by Let's Encrypt will stop at the ISRG Root X1 intermediate, rather than following the DST Root CA X3 intermediate. Note that the new verifier does not suffer from this issue, so only a small number of things will hit this code path. ok millert@ robert@ tb@ this is errata 6.9/018_cert Avoid a potential overread in x509_constraints_parse_mailbox() 2021-09-26T14:07:40+00:00 deraadt 2021-09-26T14:07:40+00:00 urn:sha1:35f8ef07a93e59616eb96dc41d4f8e6a21a6319b The length checks need to be >= rather than > in order to ensure the string remains NUL terminated. While here consistently check wi before using it so we have the same idiom throughout this function. Issue reported by GoldBinocle on GitHub. ok deraadt@ tb@ this is 6.9 errata 017 Switch back to the legacy verifier for the release. 2021-04-15T14:15:03+00:00 tb 2021-04-15T14:15:03+00:00 urn:sha1:013c39e97f0af8342cdb560b4a2a45f87602f7b7 This is disappointing as a lot of work was put into the new verifier during this cycle. However, there are still too many known bugs and incompatibilities. It is better to be faced with known broken behavior than with new broken behavior and to switch now rather than via errata. This way we have another cycle to iron out the kinks and to fix some of the remaining bugs. ok jsing Don't leak param->name in x509_verify_param_zero() 2021-04-05T07:02:50+00:00 tb 2021-04-05T07:02:50+00:00 urn:sha1:57e3ff55d71172acc1caf21e8c346e67b7089676 For dynamically allocated verify parameters, param->name is only ever set in X509_VERIFY_set1_name() where the old one is freed and the new one is assigned via strdup(). Setting it to NULL without freeing it beforehand is a leak. looks correct to millert, ok inoguchi Provide missing prototype for d2i_DSAPrivateKey_fp(3) 2021-03-31T16:51:06+00:00 tb 2021-03-31T16:51:06+00:00 urn:sha1:a2c7dc9f61c905842b4ecaed7ee8beba13289e15 ok bcook inoguchi jsing Fix copy-paste error in previous 2021-03-19T18:52:14+00:00 tb 2021-03-19T18:52:14+00:00 urn:sha1:7a958181310bd7835ec408fe536f58123486fc76 Found the hard way by lists y42 org via an OCSP validation failure that in turn caused pkg_add over TLS to fail. Detailed report by sthen. ok sthen Use EXFLAG_INVALID to handle out of memory and parse errors in 2021-03-13T23:01:49+00:00 tobhe 2021-03-13T23:01:49+00:00 urn:sha1:0c378cc53837d51d2f3a48a028d7726d2a78d8d7 x509v3_cache_extensions(). ok tb@ Zap a useless variable. 2021-03-12T15:57:30+00:00 tb 2021-03-12T15:57:30+00:00 urn:sha1:266aa0aa5323d0e87855e9e761085c9b055a4f10 suggested by jsing Missing void in function definition 2021-03-12T15:55:26+00:00 tb 2021-03-12T15:55:26+00:00 urn:sha1:93c437239760ae62e33d9a36197c37c8dec288b3 ok jsing Fix checks of memory caps of constraints names 2021-03-12T15:53:38+00:00 tb 2021-03-12T15:53:38+00:00 urn:sha1:430ac1ca1c8120f48481984e640aa9977f780961 x509_internal.h defines caps on the number of name constraints and other names (such as subjectAltNames) that we want to allocate per cert chain. These limits are checked too late. In a particularly silly cert that jan found on ugos.ugm.ac.id 443, we ended up allocating six times 2048 x509_constraint_name structures before deciding that these are more than 512. Fix this by adding a names_max member to x509_constraints_names which is set on allocation against which each addition of a name is checked. cluebat/ok jsing ok inoguchi on earlier version