| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
| |
Need to make sure i * 4 won't overflow. Based on OpenSSL:
commit 99ba9fd02fd481eb971023a3a0a251a37eb87e4c
input + ok bcook@
ok beck@
|
|
|
|
| |
ok deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on a few OpenSSL commits:
Remove ancient DSA workarounds
commit ab4a81f69ec88d06c9d8de15326b9296d7f498ed
Remove workaround for broken DSA implementations using negative integers
commit dfb10af92e9663ce4eefaa1d6b678817fa85344d
Typo in error name (EVP_R_DECODE_ERROR -> DSA_R_DECODE_ERROR)
commit f6fb7f1856d443185c23f1a5968c08b4269dd37d
ok beck@
|
|
|
|
| |
ok doug@
|
|
|
|
|
| |
about which options are turned on/off by 's' and 'S'
ok tedu
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add new root certificates present in Mozilla cert store from CA
organizations who are already in cert.pem (AddTrust, Comodo, DigiCert,
Entrust, GeoTrust, USERTrust).
- Replace Startcom's root with their updated sha256 version present in
Mozilla cert store. (They maintained serial# etc so this is still valid
for existing signed certificates).
- Add two root certificates from CA not previously present:
"C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority"
"C=PL, O=Unizeto Sp. z o.o., CN=Certum CA" (the latter used by yandex.ru)
We are still listing some certificates that have been removed from
Mozilla's store (1024-bit etc) however these cannot be removed until
cert validation is improved (we don't currently accept a certificate
as valid unless the CA is at the end of a chain).
|
| |
|
|
|
|
| |
improvements sthen@, jmc@. okay millert@, jca@ jmc@
|
|
|
|
|
|
| |
There is long-standing consensus that err(1, NULL) is the best idiom
after failure of malloc(3) and friends.
Quirk in the manual noticed by tb@.
|
|
|
|
|
|
|
|
|
|
|
| |
(CN if available, otherwise OU).
Add a comment identifying the org. Now to get an easy-to-read list
of certificates in the file you can use "grep ^[#=] cert.pem".
Prepared with https://spacehopper.org/format-pem.20160201. If you would
like to verify this commit to ensure that I didn't sneak in any other
changes, it will be easier to use the script rather than do it by hand.
|
|
|
|
|
|
|
|
|
| |
aren't really useful (the information can be obtained by feeding the cert
into "openssl x509 -in filename -text") and add a separator between certs
showing the CA's CN or OU (similar to the display format in web browsers).
Include both SHA1 and SHA256 fingerprints for all certificates.
ok beck@ zhuk@ jung@
|
|
|
|
| |
from ray@, ok jmc@
|
|
|
|
| |
ok jsing@
|
|
|
|
| |
David CARLIER
|
|
|
|
| |
This is of course a no-op on other platforms. Noted by equalsraf from github.
|
|
|
|
|
|
|
|
| |
The 'A' option elevated warnings to errors, and has been the default for some
time. Then warnings were effectively eliminated in favor of everything
being an error, but then the 'a' flag turned real errors into warnings!
Remove the 'a' option entirely. You shouldn't have used it anyway.
ok tb tdeval
|
|
|
|
|
|
|
|
| |
the examples.
Diff from Juuso Lapinlampi < wub () partyvan ! eu >, thanks!
ok schwarze@
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Work around this particular case by reseeding whenever pid=1, but as guenther@
notes, directly calling clone(2), and then forking to match another pid,
provides other ways to bypass new process detection on Linux.
Hopefully at some point Linux implements something like MAP_INHERIT_ZERO, and
does not invent a corresponding mechanism to subvert it.
Noted by Sebastian Krahmer and the opmsg team.
See http://stealth.openwall.net/crypto/randup.c for a test program.
ok beck@
|
| |
|
| |
|
|
|
|
| |
validate_junk. from Michal Mazurek
|
|
|
|
| |
ok and valuable input from millert@
|
|
|
|
| |
ok tedu@
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
millert@
|
|
|
|
|
|
|
|
|
| |
This is slightly less robust, but RAND_MAX must be one below a power
of two in both variants anyway.
Based on a suggestion by Matthew Martin.
ok tedu@
|
| |
|
|
|
|
|
|
|
|
| |
any file indicated by an environment variable" feature inside the
resolver is incompatible with what pledge "dns" is trying to be. It is
a misguided "feature" added way back in history which almost noone uses,
but everyone has to assume the risk from.
ok eric florian kettenis
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Authority" (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be) root
certificate from cert.pem. ok rpe@
Symantec/VeriSign say "Browsers/root store operators are encouraged to
remove/untrust this root from their root stores" and "hasn't been used to
generate new certificates in several years, and will now be repurposed to
provide transition support for some of our enterprise customers' legacy,
non-public applications" (https://www.symantec.com/page.jsp?id=roots,
http://www.scmagazine.com/google-will-remove-trust-of-symantecs-pca3-g1-certificate/article/459688/).
Also see
https://knowledge.symantec.com/support/ssl-certificates-support/index?page=content&id=ALERT1941
https://googleonlinesecurity.blogspot.co.uk/2015/12/proactive-measures-in-digital.html
|
|
|
|
| |
ok guenther@
|
|
|
|
| |
ok guenther@
|
|
|
|
| |
ok guenther@
|
| |
|
| |
|
|
|
|
|
|
| |
case is ok.
ok bcook@
|
|
|
|
| |
ok bcook@
|
|
|
|
| |
ok bcook@
|
| |
|
|
|
|
| |
ok jsing@, deraadt@, beck@
|
|
|
|
|
|
|
|
|
|
|
| |
The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements
informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a
64-bit counter to avoid truncation on 32-bit platforms.
The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but
making this change requires an ABI bump.
ok jsing@, "Looks sane" beck@
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Optionally add random "canaries" to the end of an allocation. This
requires increasing the internal size of the allocation slightly, which
probably results in a large effective increase with current power of two
sizing. Therefore, this option is only enabled via 'C'.
2. When writing junk (0xdf) to freed chunks (current default behavior),
check that the junk is still intact when finally freeing the delayed chunk
to catch some potential use after free. This should be pretty cheap so
there's no option to control it separately.
ok deraadt tb
|
|
|
|
|
|
|
| |
In some cases sites signed by this are covered by the old "AddTrust External
CA Root" that we already had, but that depends on the site sending a fairly
large chain of intermediate certificates which most aren't doing (because
there's no need because this newer one is in browser stores..).
|
|
|
|
|
|
| |
This enables ENGINE_get_digest to work again with SHA1.
noted by NARUSE, Yui, @nurse from github
|
|
|
|
| |
ok djm@ jsing@
|
|
|
|
| |
ok krw@
|
| |
|