| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
the unused cache member of X509_STORE.
ok jsing
|
| |
|
|
|
|
|
| |
Check for allocation failures and if one happens push an error on
the stack and clean up using X509_STORE_free().
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
callbacks are called.
ok jsing
|
| |
|
|
|
|
|
| |
Switch from malloc() to calloc() and drop a bunch of initializations
to 0. Call the returned object lu instead of the generic ret.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Both these are essentially unused. Remove the last use of data.ptr
by initializing and copying the X509_OBJECT using memset() and
struct assignment in X509_STORE_CTX_get_subject_by_name() and add
a missing error check for X509_OBJECT_up_ref_count() while there.
ok beck
|
| |
|
|
|
|
|
|
|
|
|
| |
Replace sha1 hash use with sha512 for certificate comparisons internal
to the library. use the cached sha512 for the validator's verification
cache.
Reduces our recomputation of hashes, and heavy use of time1 time
conversion functions noticed bu claudio@ in rpki client.
ok jsing@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* memory leak in X509_set_subject_name(ret, X509_NAME_dup(xn));
* memory leak in X509_set_issuer_name(ret, X509_NAME_dup(xn));
* memory leak in X509_set_pubkey(ret, X509_REQ_get_pubkey(r));
* missing return value check of X509_REQ_get_pubkey(r);
* missing return value check of X509_set_pubkey(...);
Some of these bugs have survived for twenty-five years.
I noticed the first two bugs while documenting the function,
then found that a commit in the OpenSSL 1.1.1 branch, which is
still under a free license, fixed all of them in 2016.
In the function X509_REQ_to_X509(3), merge everything worth merging
from OpenSSL 1.1.1, in particular the relevant parts of:
* 222561fe Apr 30 17:33:59 2015 -0400 (err: label cleanup)
* 0517538d Mar 17 00:15:48 2016 +0100 (the bugfix)
* c5137473 Apr 3 23:37:32 2016 +0200 (code simplification)
While here, delete some commented out code that is wrong in
multiple ways and untouched since the SSLeay era.
One code tweak for readability by tb@, and OK tb@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this function, merge everything that is worth merging
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly the relevant part of commit 9b0a4531 Mar 14 23:48:47 2015 +0000
to use X509_ATTRIBUTE_get0_type(3) rather than re-implementing it.
While here,
* use d2i_X509_EXTENSIONS(3) rather than ASN1_item_d2i(3);
* test pointers explicitly against NULL, not with '!', as suggested by tb@;
* drop some useless parentheses as suggested by tb@.
OK tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
that i noticed while documneting the function:
* missing return value check for ASN1_item_i2d(3) and
* missing return value check for OBJ_nid2obj(3).
In the function X509_REQ_add_extensions_nid(3), merge everything
that is worth merging from the OpenSSL 1.1.1 branch, which is still
under a free license; that's mostly parts of the commit 9b0a4531
Mar 14 23:48:47 2015 +0000 (containing the bugfix, even though the
OpenSSL commit message did not mention the bugs) and some minor
stylistic changes from 0f113f3e and 26a7d938.
While here, use i2d_X509_EXTENSIONS(3) instead of the layer-violating
call to ASN1_item_i2d(3), and include a few stylistic tweaks from tb@.
OK tb@, and jsing@ agreed on the general direction.
|
| |
|
|
|
|
|
|
| |
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.
ok jsing
|
| |
|
|
|
|
| |
the generic 'ret' to obj' in X509.
Requested by jsing
|
| |
|
|
|
|
| |
no longer needed.
ok jsing
|
| |
|
|
|
|
| |
parts of LibreSSL can no longer reach into them.
discussed with beck, jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
|
|
|
| |
around X509_STORE_get_by_subject() that eliminates the need of
allocating an object on the heap by hand.
ok beck inoguchi jsing
|
| |
|
|
|
|
| |
OpenSSL's signatures.
ok beck inoguchi jsing
|
| |
|
|
|
|
| |
Remove the now unused X509_LU_{RETRY,FAIL,PKEY}.
ok beck inoguchi jsing
|
| |
|
|
|
|
| |
opaque structs.
ok beck inoguchi jsing
|
| |
|
|
| |
ok beck inoguchi jsing
|
| |
|
|
|
|
|
|
|
| |
indicates failure. The previous "error return" X509_V_ERR_UNSPECIFIED
translates to 1, i.e., success. This changes to the intended behavior
of x509_purp.c r1.3 and matches OpenSSL. This will need various
adjustments in the documentation.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
Original commit message from beck:
Validate Subject Alternate Names when they are being added to certificates.
With this change we will reject adding SAN DNS, EMAIL, and IP addresses
that are malformed at certificate creation time.
ok jsing@ tb@
|
| |
|
|
|
|
|
|
|
| |
breaks the ruby regression tests that expect to make bogus certificates
and see that they are rejected :(
I am reverting this for now to make the regress tests pass, and will
bring it back if we decide to patch the regress tests to remove the
problem cases
|
| |
|
|
| |
OK beck@
|
| |
|
|
|
|
|
| |
With this change we will reject adding SAN DNS, EMAIL, and IP addresses
that are malformed at certificate creation time.
ok jsing@ tb@
|
| | |
|
| |
|
|
| |
Spotted by egcc. ok tb@
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck inoguchi jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| | |
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
that we know that it only returns 0 or 1. Eliminate the last uses
of X509_LU_{FAIL,RETRY}.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
Initialize stmp.type and stmp.data.ptr so that a user-defined lookup
method need not take responsibility of initializing those. Get rid of
current_method, which was never really used. Stop potentially returning
a negative value since most callers assume Boolean return values already.
In addition, garbage collect the pointless j variable.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
extension. This is part of OpenSSL commit df4c395c which didn't make
it into our tree for some reason.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
for a NULL ctx->ctx in the lookup functions using X509_STORE_CTX.
This affects X509_STORE_get1_certs(), X509_STORE_get1_crls(),
X509_STORE_CTX_get1_issuer() and X509_STORE_get_by_subject().
With this X509_verify_cert() no longer crashes with a NULL store.
With and OK tb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In order to work around the expired DST Root CA X3 certficiate, enable
X509_V_FLAG_TRUSTED_FIRST in the legacy verifier. This means that the
default chain provided by Let's Encrypt will stop at the ISRG Root X1
intermediate, rather than following the DST Root CA X3 intermediate.
Note that the new verifier does not suffer from this issue, so only a
small number of things will hit this code path.
ok millert@ robert@ tb@
|
