| Commit message | Author | Age | Files | Lines |
| |
The other_ctx is a strong contender for the worst name of a struct member
in OpenSSL. It's a void * member whose only purpose ever was to be set to a
STACK_OF(X509) * via X509_STORE_CTX_trusted_stack() (yes, this is obviously
a setter, why do you ask?) and then to be used by the get_issuer() callback
(which of course isn't there to find any old issuer, but only to look for
issuers among the 'trusted' certs).
Anyway, we may want to rename untrusted into intermediates and trusted into
roots later on, but for now let's match the lovely public API. While there
rename get_issuer_sk() into get_trusted_issuer() which is a more accurate
and slightly less silly name.
ok jsing
| |
roots was used to store the trusted stack or pull the roots out of the
X509_STORE before beck unmooned Ethel in x509_vfy.c r1.88. Since then
this variable is effectively unused. It seems the STACK_OF(3) madness
is too complicated for -Wunused-but-set-variable to notice.
ok miod
| |
If an extension is non-critical, X509V3_extensions_print() would leave
trailing whitespace. This can be trivially avoided.
ok miod
| |
regress for the moment. this will come back after we rethink
the failure versus not there case.
ok tb@ jsing@
| |
changing tests.
ok tb@
| |
Currently these functions return raw ASN1_STRING bytes as
a C string and ignore the encoding in a "hold my beer I am
a toolkit not a functioning API surely it's just for testing
and you'd never send nasty bytes" kind of way.
Sadly some callers seem to use them to fetch things like
subject name components for comparisons, and often just
use the result as a C string.
Instead, encode the resulting bytes as UTF-8 so it is
something like "text".
Add a failure case if the length provided is inadequate
or if the resulting text would contain a nul byte.
based on boringssl.
nits by dlg@
ok tb@
| |
This helper has been inside #if 0 for nearly 25 years. Let it go. If we
should ever need it, I'm quite confident that we will be able to come up
with its one line body on our own.
| |
This ensures that we will no longer silently ignore a certificate with
a critical policy extension by default.
ok tb@
| |
with beck
| |
It can go play in the fields with all the other exponential time policy
"code".
discussed with jsing
ok & commit message beck
| |
Tell it we deliberately ignore the return value (we really don't
care what the old comparison function was).
| |
ok jsing
| |
The only caller is X509_policy_check() which goes straight to error.
with beck
ok jsing
| |
Add sk_is_sorted() checks to the callers of sk_X509_POLICY_NODE_delete_if()
and add a comment that this is necessary.
with beck
ok jsing
| |
Move the check that level->nodes is sorted to the call site and make sure
that the logic is preserved and erroring does the right thing.
with beck
ok jsing
| |
Instead of asserting that i == num_certs - 2, simply make that an error
check.
with beck
ok jsing
| |
This assert is in debugging code that ensures that there are no duplicate
nodes on this level. This is an expensive and unnecessary check. Duplicates
already cause failures as ensured by regress.
with beck
ok jsing
| |
Turn the check into an error which will make all callers error.
with beck
ok jsing
| |
This hoists variable declarations to the top and compiles with -Wshadow.
ok beck
| |
This lets the regress in x509/policy pass instead of infinite looping.
The changes are necessary because our sk_num() returns an int with
0 for empty and -1 for NULL, whereas BoringSSL's returns a size_t with
0 for both an empty stack and a NULL stack.
pair work with tb@
ok tb@ jsing@
| |
Pointed out by anton
| |
Use calloc() instead of malloc/memset and make free functions look the
same as elsewhere in the tree.
ok beck jsing
| |
ok beck
| |
This used to be public API but is now only used for debug code that has
certainly never been used since it was released to the public. It drags
that debug nonsense with it.
ok beck
| |
The old policy code remains the default, with the new policy code
selectable by defining LIBRESSL_HAS_POLICY_DAG.
ok tb@ jsing@
| |
We add this locally as a function to avoid delving into
the unholy macro madness of STACK_OF(3).
ok tb@ jsing@
| |
ok tb@ jsing@
| |
ok tb@ jsing@
| |
ok tb@ jsing@
| |
ok tb@ jsing@
| |
This is an implementation of the X509 policy processing using a
DAG instead of a tree to avoid the problem of exponential expansion
of the policy tree as specified in RFC 5280.
For details see:
https://boringssl-review.googlesource.com/c/boringssl/+/55762
ok tb@ jsing@
| |
Unused and no authoritative information was found online in 2016
| |
This matches the OpenSSL 1.1 API a bit better.
| |
A few hooks remain in the legacy validator, which will soon be replaced
with something better. The rest of the tentacles are now largely contained.
| |
From David Benjamin (BoringSSL)
ok beck
| |
Note that it is important to invalidate the cache before returning,
as the return might bubble up an error.
OK tb@ jsing@
| |
A small side-effect in X509_to_X509_REQ() is that 'x->req_info->enc.modified'
now earlier on is set to 1.
OK tb@ jsing@
| |
support.
discussed with beck and jsing