summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix the legacy verifier callback behaviour for untrusted certs.beck2022-06-283-19/+347
| | | | | | | | | | | | | | | | | | The verifier callback is used by mutt to do a form of certificate pinning where the callback gets fired and depending on a cert saved to a file will decide to accept an untrusted cert. This corrects two problems that affected this. The callback was not getting the correct depth and chain for the error where mutt would save the certificate in the first place, and then the callback was not getting fired to allow it to override the failing certificate validation. thanks to Avon Robertson <avon.r@xtra.co.nz> for the report and sthen@ for analysis. "The callback is not an API, it's a gordian knot - tb@" ok jsing@
* Correct misleading comment for URI parsingbeck2022-06-271-4/+10
| | | | ok jsing@
* Add function to free all of the issuer cache.beck2022-06-271-13/+39
| | | | ok jsing@
* Allow security_level to mestastasize into the verifiertb2022-06-274-4/+156
| | | | | | | | The tentacles are everywhere. This checks that all certs in a chain have keys and signature algorithms matching the requirements of the security_level configured in the verify parameters. ok beck jsing
* Prepare to provide X509_VERIFY_PARAM_set_auth_level()tb2022-06-273-2/+12
| | | | | | | | For some unknown reason this needed a different name than security_level, both internally and in the public API. Obviously it is exactly the same garbage. ok beck jsing
* Add new time manipulation funcitons that OpenSSL has exposed thatbeck2022-06-274-26/+121
| | | | | | | | the world seems to be using. Symbols.list changes and exposure to wait for minor bump ok jsing@ jca@
* Prepare to provide EVP_PKEY_security_bits()tb2022-06-278-8/+75
| | | | | | | This also provides a pkey_security_bits member to the PKEY ASN.1 methods and a corresponding setter EVP_PKEY_asn1_set_security_bits(). ok beck jsing
* Prepare to provide DH_security_bits()tb2022-06-272-2/+18
| | | | ok beck jsing
* Prepare to provide RSA_security_bits()tb2022-06-272-2/+12
| | | | ok beck jsing
* Prepare to provide DSA_security_bits()tb2022-06-272-2/+14
| | | | ok beck jsing
* Prepare to provide BN_security_bits()tb2022-06-272-2/+37
| | | | ok beck jsing
* Provide and use long_{get,set}()jsing2022-06-261-11/+35
| | | | | | | | | Apparently at some point a LONG_it was misaligned - provide and use long_{get,set}() so that we always memcpy() rather than doing it some times but not others. While here provide long_clear() rather than abusing and reusing long_free(). ok tb@
* Fix URI name constraints, allow for URI's with no host part.beck2022-06-262-3/+38
| | | | | | | | | | | Such uri's must be parsed and allowed, but then should fail if a name constraint is present. Adds regress testing for this same case. fixes https://github.com/libressl-portable/openbsd/issues/131 ok tb@
* whitespacetb2022-06-261-2/+2
|
* Move leaf certificate checks to the last thing after chain validation.beck2022-06-253-20/+317
| | | | | | | | While seemingly illogical and not what is done in Go's validator, this mimics OpenSSL's behavior so that callback overrides for the expiry of a certificate will not "sticky" override a failure to build a chain. ok jsing@
* Use ints for boolean values.jsing2022-06-251-31/+31
| | | | | | | Switch to using ints for boolean values and use 0 or 1 for constructed, rather than using 0 the ASN.1 tag encoded value (1 << 5). ok tb@
* Reuse ASN1_INTEGER functions for ASN1_ENUMERATED_{get,set}()jsing2022-06-252-56/+59
| | | | | | | Instead of having a separate get/set implementation, reuse the ASN1_INTEGER code. Also prepare to provide ASN1_ENUMERATED_{get,set}_int64(). ok beck@ tb@
* Check pointer argument after {d2i,i2d}_ASN1_{BIT_STRING,BOOLEAN,INTEGER}()jsing2022-06-251-2/+46
|
* Add regress for ASN1_INTEGER_{get,set}_{u,}int64()jsing2022-06-251-1/+103
|
* Rewrite ASN1_INTEGER_{get,set}() using CBS/CBBjsing2022-06-254-65/+197
| | | | | | In the process, prepare to provide ASN1_INTEGER_{get,set}_{u,}int64(). ok beck@ tb@
* Simplify ASN1_INTEGER_cmp()jsing2022-06-251-16/+9
| | | | ok beck@ tb@
* Add regress for ASN1_INTEGER_cmp()jsing2022-06-251-1/+76
|
* Use dynamic linking correctly. bntest and bn_to_string need static linking.tb2022-06-231-3/+5
|
* Explicitly include fcntl.h and unistd.h for pipe2tb2022-06-221-1/+4
|
* Fix format strings for size_ttb2022-06-221-5/+5
|
* Fix format string: use %zu for size_t, not %lu.tb2022-06-221-3/+3
|
* Error out on negative shifts in BN_{r,l}shift()tb2022-06-221-1/+13
| | | | | | | | | | Without these checks in both functions nw = n / BN_BITS2 will be negative and this leads to out-of-bounds accesses via negative array indices and memset with a negative size. Pointed out by cheloha ok jsing
* Tweak a commenttb2022-06-201-2/+2
|
* Flip roles of lowercase and uppercase A and B.tb2022-06-201-44/+44
| | | | | | | This matches Cohen's text better and makes the entire thing easier to read. suggested by jsing
* Clean up BN_kronecker()tb2022-06-201-73/+88
| | | | | | | | | | Instead of "Cohen's step N" explain in words what is being done. Things such as (A & B & 2) != 0 being equivalent to (-1)^((A-1)(B-1)/4) being negative are not entirely obvious... Remove the strange error dance and adjust variable names to what Cohen's book uses. Simplify various curly bits. ok jsing
* Fix some bizarre indentation and line breaks.tb2022-06-201-8/+7
|
* Use uppercase for SUCCESS for consistencytb2022-06-191-2/+2
|
* None of these tests needs to link statically.tb2022-06-192-4/+4
|
* Drop bogus DPADD += ${LIBSSL}tb2022-06-193-7/+6
|
* Quick regression test that checks that BN_is_prime_fasttest_ex()tb2022-06-182-1/+97
| | | | | recognizes the primes in the primes[] table with and without trial division. Would have caught the bug fixed in bn_primes.c r1.9.
* Fix prime recognition when doing trial divisionstb2022-06-181-2/+2
| | | | | | | | | If gcd(a, primes[i]) == 0 then a could still be a prime, namely in the case that a == primes[i], so check for that case as well. Problem noted by Martin Grenouilloux ok jsing
* Switch to using TLS_INT instead of handrolling ittb2022-06-151-3/+2
|
* More %i vs %d cleanuptb2022-06-107-20/+20
|
* do not refuse valid IPv6 addresses in -X connect (HTTP CONNECT proxy)djm2022-06-081-2/+2
| | | | support. Identified by Wilmer van der Gaast, ok millert@
* KNF, mostly whitespace - no binary change on amd64tb2022-06-081-22/+19
|
* Fix format strings: change %i, %li, %lli to %d, %ld, %lld and switch totb2022-06-071-18/+18
| | | | | %zu for master_key_length, session_id_length and sid_ctx_length, which are now size_t.
* Change the loop index from an unsigned int to size_t now that alltb2022-06-071-2/+2
| | | | | | upper bounds are known to be size_t. ok jsing
* Simplify another CBS_write_bytes() call in d2i_SSL_SESSION()tb2022-06-071-5/+2
| | | | ok jsing
* Switch sid_ctx_length in SSL, SSL_CTX and SSL_SESSION to a size_ttb2022-06-071-4/+4
| | | | ok jsing
* Use CBS_write_bytes() instead of manual unpacking of a CBS and assigningtb2022-06-071-3/+5
| | | | | | | length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing
* Simplify various CBS_write_bytes() callstb2022-06-073-13/+7
| | | | | | | Now that session_id_length is a size_t, we can pass it directly to CBS_write_bytes() instead of using a temporary variable. ok jsing
* Switch SSL_SESSION's session_id_length to a size_ttb2022-06-071-2/+2
| | | | ok jsing
* Add missing error check call in ssl3_get_new_session_ticket()tb2022-06-071-4/+9
| | | | | | | EVP_Digest() can fail, so handle failure appropriately and prepare switch of session_id_length to a size_t. ok jsing
* Another small readability tweak: compare explicitly against 0 and NULL,tb2022-06-071-4/+3
| | | | | | respectively ok jsing
* Tweak readability of a test: compare tmp explicitly against 0 and droptb2022-06-071-2/+2
| | | | | | redundant parentheses. ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-29 14:55:06 +0000