| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Based on the version in OpenSSL 1.1.1l with minor tweaks.
ok inoguchi jsing
|
|
that will be used in subsequent commits.
ok inoguchi jsing
|
|
Assign the result of BN_dup() and BN_bn2bin() to local BIGNUMs, then
set the factors and pubkey on the dh using DH_set0_{pqg,key}().
A second pass will be done during the upcoming bump.
ok jsing
|
|
ok jsing
|
|
BIO_s_file_internal() should never have leaked out of libcrypto,
but it did. As a first step of getting rid of it, stop using it
internally.
ok jsing
|
|
ok inoguchi@ tb@
|
|
This follows what was done previously for ECDHE EC point key exchange and
will allow for deduplication and further code improvement.
Convert the TLSv1.2 client to use the new DHE key exchange functions.
ok inoguchi@ tb@
|
|
|
|
to 3-term BSD license.
|
|
|
|
While here,
* call the function arguments "content_length" rather than just
"length" to make it less likely that the reader confuses them with
the total length returned by ASN1_object_size(3);
* state that only the short form is supported for content_length <= 127;
* add the missing STANDARDS section.
|
|
as intentionally undocumented
|
|
|
|
initializing five of the fields in BIO_ASN1_BUF_CTX (prefix,
prefix_free, suffix, suffix_free, ex_arg), inviting a segfault in
a subsequent call from the application program to BIO_write(3)
because subroutines of that function assume that the function
pointers are either NULL or valid.
Fix this by using the less error-prone calloc(3) idiom.
While here, inline asn1_bio_init() at the only call site
in asn1_bio_new() to simplify the code and make it easier to read.
Bug found and initial patch by me,
this version (with inlining) by and OK tb@.
|
|
|
|
ok inoguchi jsing
|
|
reaching into the EVP_PKEY struct.
ok inoguchi jsing
|
|
ok inoguchi jsing
|
|
ok schwarze@
|
|
replace the BUGS section with a shorter CAVEATS section
|
|
If EVP_PKEY_copy_parameters(3) fails - among other reasons, this
may happen when out of memory - the pkey argument and/or the chain
argument will not contain all the desired parameters after returning.
Consequently, report the failure to the caller rather than silently
ignoring it.
OK tb@
|
|
by using X509_get0_pubkey(3) instead of X509_get_pubkey(3);
no functional change.
OK tb@
This is similar to the relevant part of the follwoing commit
from the OpenSSL 1.1.1 branch, which is still under a free licence,
but without the bug that commit introduced into this function in OpenSSL:
commit c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Mon Dec 14 13:13:32 2015 +0000
|
|
ok bluhm inoguchi
|
|
|
|
While here, also improve the rest of the page:
* add missing BIO_TYPE_* constants
* describe BIO_TYPE_START
* better function argument names
* more precision in the descriptions and regarding the RETURN VALUES
* lots of wording improvements
* improve the coding style below EXAMPLES
* delete a BUGS section describing cretaceous behaviour
|
|
|
|
ok florian@
|
|
OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
|
need for EVP_PKEY_free().
ok beck
|
|
|
|
Our ASN1_GENERALIZEDTIME_set() doesn't accept time strings with
fractional seconds, so don't feed it milliseconds, but only seconds.
Ensures that openssl x509 -text prints timestamps instead of skipping
them.
ok beck jsing
|
|
This way, CT extensions in certs will be parsed by the new CT code
when they are encountered. This gets rid of a lot of gibberish when
looking at a cert with 'openssl x509 -text -noout -in server.pem'
ok beck jsing
|
|
from <Malgorzata dot Olszowka at stunnel dot org>
via OpenSSL commit 256989ce in the OpenSSL 1.1.1 branch,
which is still under a free license
|
|
|
|
certificte chain. This would happen when the verification callback was
in use, instructing the verifier to continue unconditionally. This could
lead to incorrect decisions being made in software.
|
|
Do not expose it yet, this will wait for an upcoming bump
ok tb@
|
|
from beck
|
|
|
|
not yet available.
ok schwarze
|
|
|
|
i2a_ASN1_ENUMERATED(3), and a2i_ASN1_ENUMERATED(3)
|
|
to fix the same double-counting of the backslash
and to make the parsing stricter in the same way;
OK tb@
|
|
ok inoguchi jsing
|
|
libc can't do DNSSEC validation but it can ask a "security-aware"
resolver to do so. Let's send queries with the AD flag set when
appropriate, and let applications look at the AD flag in responses in
a safe way, ie clear the AD flag if the resolvers aren't trusted.
By default we only trust resolvers if resolv.conf(5) only lists name
servers on localhost - the obvious candidates being unwind(8) and
unbound(8). For non-localhost resolvers, an admin who trusts *all the
name servers* listed in resolv.conf(5) *and the network path leading to
them* can annotate this with "options trust-ad".
AD flag processing gives ssh -o VerifyHostkeyDNS=Yes a chance to fetch
SSHFP records in a secure manner, and tightens the situation for other
applications, eg those using RES_USE_DNSSEC for DANE. It should be
noted that postfix currently assumes trusted name servers by default and
forces RES_TRUSTAD if available.
RES_TRUSTAD and "options trust-ad" were first introduced in glibc by
Florian Weimer. Florian Obser (florian@) contributed various
improvements, fixed a bug and added automatic trust for name servers on
localhost.
ok florian@ phessler@
|
|
thanks Matthias Schmidt
|
|
|
|
while here, add a few STANDARDS references
|
|
|
|
|
|
|
