| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
After peeling off enough layers, the entire wacky abstraction turns out
to be nothing but dispatching from a trust_id to a trust handler and
passing the appropriate nid and the cert.
ok beck jsing
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
|
| |
The PSK extension must be the last extension in the client hello. This is
currently implemented by relying on the fact that it is the last extension
in the TLS extension table. Remove this dependency so that we can reorder
the table as needed.
ok tb@
|
| | |
|
| |
|
|
|
|
|
| |
The certificates no longer need to be modified since we cache the
extensions up front.
ok beck
|
| |
|
|
|
|
|
| |
This code is so ridiculously overengineered that it is an achievement even
by early OpenSSL standards.
ok beck
|
| |
|
|
|
|
| |
This way the trust handlers can stop modifying the certificates.
ok beck
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When searching for a CA or CRL file in by_dir, this stat()
was used to short circuit attempting to open the file with
X509_load_cert_file(). This was a deliberate TOCTOU introduced
to avoid setting an error on the error stack, when what you
really want to say is "we couldn't find a CA" and continue
merrily on your way.
As it so happens you really do not care why the load_file failed
in any of these cases, it all boils down to "I can't find the CA
or CRL". Instead we just omit the stat call, and clear the error
stack if the load_file fails. The fact that you don't have a CA or
CRL is caught later in the callers and is what you want, mimicing
the non by_dir behaviour instead of possibly some bizzaro file
system error.
Based on a similar change in Boring.
ok tb@
|
| |
|
|
| |
Requested by and ok tb@
|
| |
|
|
|
|
|
|
|
| |
The previous implementation used the now defunct OBJ_NAME_get() which
bailed out when passed a NULL argument. Difference spotted by the
regress tests in ports/net/openvpn (regular openvpn use is fine but
openvpn --show-ciphers/--show-digests crashes).
ok tb@
|
| |
|
|
|
|
|
|
| |
This gets rid of our last uses of timegm and gmtime in the
library and things that ship with it. It includes a bit
of refactoring in ocsp_cl.c to remove some obvious ugly.
ok tb@
|
| | |
|
| |
|
|
| |
ok beck
|
| |
|
|
| |
noticed/ok beck
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
| |
ok beck
|
| |
|
|
|
| |
"Yeah, arg1 is always such an imaginative name" ian
ok beck
|
| |
|
|
|
|
|
| |
This used to be exposed via an accessor, but this accessor is no longer
part of the library, so nuke it.
ok beck
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
The public X509_check_trust() takes a flag parameter which we must leave
in place. However, we can stop passing the flag parameter around without
ever looking at it.
ok jsing
|
| |
|
|
|
|
|
| |
This had an inlined version of sk_pop_free(). We can just call it the
right way.
ok jsing
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Hungarian notation occasionally helps, but only if it is done consistently.
Steve and consistency... cf e.g the last few commits. Accordingly,
Hensonian Hungarian notation is a complete disaster. Start cleaning this
mess up.
|
| |
|
|
| |
requested by jsing
|
| |
|
|
|
| |
A CONF_IMODULE is neither an EVP_MD nor a CONF_MODULE, so call it imod
instead of md or mod.
|
| |
|
|
| |
A CONF_MODULE is no EVP_MD, so call it mod instead of md.
|
| |
|
|
|
|
|
| |
There is one caller of this function which returns module_add() != NULL.
Make the function return an int instead.
suggested by and ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
The new certificates are more representative of the real world. The old
certificates use weak algorithms and expire in the very near future. Most
of our regress has already been switched over, this changes the remainder.
Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry.
ok tb@
|
| | |
|
| | |
|
| |
|
|
|
| |
As far as LibreSSL is concerned, this terrible API is pushing up the
daisies.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A historic blunderfest in the ASN.1 module for RSA-PSS led to very
confusing text in various RFCs. davidben and my current reading of
this is that parameters for SHA-* should be encoded as an ASN.1 NULL
rather than omitted. The use of X509_ALGOR_set_evp_md() leads to them
being omitted, and is therefore counter to the specification (but
allowed. We should fix this. For now, leave a reminder.
See https://boringssl-review.googlesource.com/c/boringssl/+/67088
for a lot more details.
ok davidben
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If more bits than INT_MAX - 7 are requested, the calculation of number
of bytes required to store the bignum triggers undefined behavior due to
signed integer overflow. This will typically result in bytes becoming
negative which will then make malloc() fail. If the ulimit should be
high enough to make malloc() succeed, there is a bad out of bounds write
in case bottom is set (an odd number was requested).
On jsing's request this does not deal with another bug which we could
catch with a similar check due to BN_bn2bin() failing later on as the
number of words in a BIGNUM is some fraction of INT_MAX.
ok jsing
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Whether an X509_LOOKUP with given method already exists or not, this API
returns an internal pointer that must not be freed.
|
| |
|
|
| |
ok deraadt@ jmc@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Move the description of the EVP_MD_FLAGs to EVP_MD_nid() and add a
reference to the CMS specification.
|
| | |
|
| | |
|
