summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_trs.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove X509_TRUST from the public APItb2024-03-021-1/+10
| | | | | | With API and other users internal, this struct can now go. ok jsing
* Remove unused public X509_TRUST APItb2024-03-021-80/+1
| | | | | | | Another thing that should never have leaked out of the library. It will become internal entirely, where the code can be simplified greatly. ok jsing
* Prepare for removing most of the X509_TRUST APItb2024-01-131-41/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | X509_check_trust() is of course used by the verifier. Unfortunately M2Crypto exposes it. The only other part of the X509_TRUST API that are still needed are the X509_TRUST_* macros in x509.h, as they are used via *_set_trust and indirectly via the purpose stuff. The rest will be removed. X509_TRUST_add() was defanged recently, in particular it no longer hangs strdup()'ed strings off the global struct. Nothing ever cleaned these up. TRUST_cleanup() attempted to do so, but since it checked the dynamic/dynamic strings flags in the wrong order, that cleanup call ended up doing nothing, so that code was removed at some point. As a consequence, the struct can now be made const. Use a CTASSERT() to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and X509_TRUST_MIN hold true. Remove the global variable underlying X509_TRUST_set_default()'s functionality and move its accessor down to all the other functions that will be deleted. Inline a few things in X509_check_trust(), so we can excise the internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the default trust function can no longer be changed, call obj_trust() directly. ok jsing
* X509_TRUST: tidy up includestb2024-01-101-2/+4
|
* X509_TRUST: group together all trust_*() functionstb2024-01-101-33/+30
| | | | | Now they are next to the trstandard[] table and listed in the order they appear in the table.
* X509_TRUST: hoist trust_compat() to the other end of the filetb2024-01-101-12/+11
|
* X509_TRUST: start shuffling some code aroundtb2024-01-101-32/+31
| | | | | Hoist obj_trust() to the top and move the static default_trust() next to its setter.
* Fix logic error (&& -> ||)tb2024-01-081-2/+2
| | | | CID 477172
* purpose/trust: Improve comments about COUNT/MAX confusiontb2024-01-071-2/+5
|
* Remove X509_TRUST extensibilitytb2024-01-071-102/+10
| | | | | | | | This is pretty much identical to the X509_PURPOSE case: remove the stack used for extending and overriding the trust table and make X509_TRUST_add() always fail. Simplify some other bits accordingly. ok jsing
* Convert some tables to C99 initializerstb2023-07-021-10/+49
| | | | ok & "happy pirate day" beck
* libressl *_namespace.h: adjust *_ALIAS() to require a semicolontb2023-02-161-12/+12
| | | | | | | | | | LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon. This does not conform to style(9), breaks editors and ctags and (most importantly) my workflow. Fix this by neutering them with asm("") so that -Wpedantic doesn't complain. There's precedent in libc's namespace.h fix suggested by & ok jsing
* Make internal header file names consistenttb2022-11-261-2/+2
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Revert "Check certificate extensions in trusted certificates"beck2022-11-171-16/+4
| | | | | | | | There are some possible strange side effects noticed by the openssl cms regress tests that I missed. Backing this out until I untangle it ok tb@
* Hide public symbols in libcrypto/x509 .c filesbeck2022-11-141-1/+12
| | | | ok tb@
* Check certificate extensions in trusted certificates.beck2022-11-131-4/+16
| | | | | | | | | | | | | | | | | | Historically the standards let the implementation decide to either check or ignore the certificate properties of trust anchors. You could either use them simply as a source of a public key which was trusted for everything, or you were also permitted to check the certificate properties and fully enforce them. Hooray for freedumb. OpenSSL changed to checking these with : commit 0daccd4dc1f1ac62181738a91714f35472e50f3c Author: Viktor Dukhovni <openssl-users@dukhovni.org> Date: Thu Jan 28 03:01:45 2016 -0500 BoringSSL currently does not check them, as it also inherited the previous OpenSSL behaviour. It will change to check them in the future. (https://bugs.chromium.org/p/boringssl/issues/detail?id=533)
* Allow explicit cert trusts or distrusts for EKU anybeck2022-11-101-4/+6
| | | | | | | | | This matches the current OpenSSL behaviour introduced in their commit: commit 0daccd4dc1f1ac62181738a91714f35472e50f3c Date: Thu Jan 28 03:01:45 2016 -0500 ok jsing@ tb@
* Move the now internal X.509-related structs into x509_lcl.h.tb2021-11-011-1/+3
| | | | | | | | Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
* Similar to x509/x509_purp.c rev. 1.5:schwarze2021-07-231-5/+1
| | | | | | | | | | | | | Delete some code from X509_TRUST_cleanup(3) that had no effect: it called a function on static objects that returns right away unless the argument is dynamically allocated. Pointed out by tb@. This commit is identical to: OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644 Author: Kurt Cancemi <kurt at x64architecture dot com> Date: Thu Jun 9 21:57:36 2016 -0400
* Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),tb2018-05-181-5/+5
| | | | | | | X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3). tested in a bulk build by sthen ok jsing
* Send the function codes from the error functions to the bit bucket,beck2017-01-291-5/+5
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* The upcoming x509 alt chains diff tightens the trust requirementsbeck2016-11-061-1/+17
| | | | | | | for certificates. This (from OpenSSL) ensures that the current "default" behaviour remains the same. We should revisit this later ok jsing@
* Remove more IMPLEMENT_STACK_OF noops that have been hiding for the lastjsing2015-02-101-3/+1
| | | | 15 years.
* Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.doug2014-12-061-6/+8
| | | | | | | | | | | If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the object in an inconsistent state since the name is already freed. This commit avoids changing the original name unless the *_add() call will succeed. Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0 ok miod@
* further BUF_strdup conversion: these places should be safe to rely ontedu2014-11-181-2/+2
| | | | the function argument not being NULL
* Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, usebeck2014-10-161-2/+3
| | | | | intrinsic functions everywhere, and wrap these functions in an #ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.
* X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,miod2014-09-281-15/+23
| | | | | | for it may be NULL. Do not leak memory upon error. ok bcook@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-3/+3
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* More KNF.jsing2014-04-201-2/+2
|
* KNF.jsing2014-04-201-66/+101
|
* blunt force knftedu2014-04-181-5/+5
|
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-5/+5
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* resolve conflicts, fix local changesdjm2010-10-011-1/+2
|
* resolve conflictsdjm2009-01-091-1/+1
|
* resolve conflictsdjm2008-09-061-2/+2
|
* merge 0.9.7c; minor bugsfixes;markus2003-11-111-0/+1
| | | | | API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-5/+24
|
* merge openssl 0.9.6b-enginebeck2001-08-011-1/+2
| | | | | Note that this is a maintenence release, API's appear *not* to have changed. As such, I have only increased the minor number on these libraries
* openssl-engine-0.9.6 mergebeck2000-12-151-7/+9
|
* OpenSSL 0.9.5a mergebeck2000-04-151-8/+9
|
* OpenSSL 0.9.5 mergebeck2000-03-191-0/+263
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-09-21 13:50:00 +0000