diff options
| author | job <> | 2023-04-24 08:09:29 +0000 |
|---|---|---|
| committer | job <> | 2023-04-24 08:09:29 +0000 |
| commit | bc4204740df46cf24509d764979a6fd747bb4f4a (patch) | |
| tree | dd57dd7e2c9553f92697532a4a002edac23b50fd /src | |
| parent | abcd9cf7eaa057b8d4787e6390794eeaea653ada (diff) | |
| download | openbsd-bc4204740df46cf24509d764979a6fd747bb4f4a.tar.gz openbsd-bc4204740df46cf24509d764979a6fd747bb4f4a.tar.bz2 openbsd-bc4204740df46cf24509d764979a6fd747bb4f4a.zip | |
Revert 1.32
jsing@ noted that ASN1_OP_D2I_POST might not be the best place to
introduce this check (as could lead to pushing errors
(ASN1_R_AUX_ERROR) onto the stack). Additionally, without matching
validation on the encoding side brittleness is introduced.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/asn1/x_x509.c | 29 |
1 files changed, 2 insertions, 27 deletions
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c index 87b714877f..df66153c45 100644 --- a/src/lib/libcrypto/asn1/x_x509.c +++ b/src/lib/libcrypto/asn1/x_x509.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x_x509.c,v 1.32 2023/04/23 21:31:16 job Exp $ */ | 1 | /* $OpenBSD: x_x509.c,v 1.33 2023/04/24 08:09:29 job Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -61,7 +61,6 @@ | |||
| 61 | #include <openssl/opensslconf.h> | 61 | #include <openssl/opensslconf.h> |
| 62 | 62 | ||
| 63 | #include <openssl/asn1t.h> | 63 | #include <openssl/asn1t.h> |
| 64 | #include <openssl/err.h> | ||
| 65 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 66 | #include <openssl/x509.h> | 65 | #include <openssl/x509.h> |
| 67 | #include <openssl/x509v3.h> | 66 | #include <openssl/x509v3.h> |
| @@ -195,34 +194,10 @@ x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) | |||
| 195 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); | 194 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); |
| 196 | break; | 195 | break; |
| 197 | 196 | ||
| 198 | case ASN1_OP_D2I_POST: { | 197 | case ASN1_OP_D2I_POST: |
| 199 | const ASN1_BIT_STRING *issuerUID = NULL, *subjectUID = NULL; | ||
| 200 | long version; | ||
| 201 | |||
| 202 | version = X509_get_version(ret); | ||
| 203 | /* accept 0 despite DER requiring omission of default values */ | ||
| 204 | if (version < 0 || version > 2) { | ||
| 205 | X509error(X509_R_INVALID_VERSION); | ||
| 206 | return 0; | ||
| 207 | } | ||
| 208 | |||
| 209 | /* RFC 5280 section 4.1.2.8, these fields require v2 or v3 */ | ||
| 210 | X509_get0_uids(ret, &issuerUID, &subjectUID); | ||
| 211 | if ((issuerUID != NULL || subjectUID != NULL) && version == 0) { | ||
| 212 | X509error(X509_R_INVALID_VERSION); | ||
| 213 | return 0; | ||
| 214 | } | ||
| 215 | |||
| 216 | /* RFC 5280 section 4.1.2.9, extensions require v3. */ | ||
| 217 | if (X509_get_ext_count(ret) != 0 && version != 2) { | ||
| 218 | X509error(X509_R_INVALID_VERSION); | ||
| 219 | return 0; | ||
| 220 | } | ||
| 221 | |||
| 222 | free(ret->name); | 198 | free(ret->name); |
| 223 | ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); | 199 | ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); |
| 224 | break; | 200 | break; |
| 225 | } | ||
| 226 | 201 | ||
| 227 | case ASN1_OP_FREE_POST: | 202 | case ASN1_OP_FREE_POST: |
| 228 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); | 203 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); |