path: root/src/lib

Commit message | Author | Date | Files | Lines
...
* Take away bogus error assignment before callback call. | beck | 2022-06-28 | 1 | -2/+1
    Keep the depth which was needed. This went an error too far, and broke openssl-ruby's callback and error code sensitivity in its tests. With this removed, both my newly committed regress to verify the same error codes and depths in the callback, and openssl-ruby's tests pass again. ok tb@
* Free ciphers before assigning to them | tb | 2022-06-28 | 1 | -6/+6
    While this is not a leak currently, it definitely looks like one. Pointed out by jsing on review of a diff that touched the vicinity a while ago. ok jsing
* Fix the legacy verifier callback behaviour for untrusted certs. | beck | 2022-06-28 | 1 | -17/+44
    The verifier callback is used by mutt to do a form of certificate pinning where the callback gets fired and depending on a cert saved to a file will decide to accept an untrusted cert. This corrects two problems that affected this. The callback was not getting the correct depth and chain for the error where mutt would save the certificate in the first place, and then the callback was not getting fired to allow it to override the failing certificate validation. Thanks to Avon Robertson <avon.r@xtra.co.nz> for the report and sthen@ for analysis. "The callback is not an API, it's a gordian knot - tb@" ok jsing@
* Correct misleading comment for URI parsing | beck | 2022-06-27 | 1 | -4/+10
    ok jsing@
* Add function to free all of the issuer cache. | beck | 2022-06-27 | 1 | -13/+39
    ok jsing@
* Allow security_level to metastasize into the verifier | tb | 2022-06-27 | 4 | -4/+156
    The tentacles are everywhere. This checks that all certs in a chain have keys and signature algorithms matching the requirements of the security_level configured in the verify parameters. ok beck jsing
* Prepare to provide X509_VERIFY_PARAM_set_auth_level() | tb | 2022-06-27 | 3 | -2/+12
    For some unknown reason this needed a different name than security_level, both internally and in the public API. Obviously it is exactly the same garbage. ok beck jsing
* Add new time manipulation functions that OpenSSL has exposed that | beck | 2022-06-27 | 3 | -24/+86
    the world seems to be using. Symbols.list changes and exposure to wait for minor bump. ok jsing@ jca@
* Prepare to provide EVP_PKEY_security_bits() | tb | 2022-06-27 | 8 | -8/+75
    This also provides a pkey_security_bits member to the PKEY ASN.1 methods and a corresponding setter EVP_PKEY_asn1_set_security_bits(). ok beck jsing
* Prepare to provide DH_security_bits() | tb | 2022-06-27 | 2 | -2/+18
    ok beck jsing
* Prepare to provide RSA_security_bits() | tb | 2022-06-27 | 2 | -2/+12
    ok beck jsing
* Prepare to provide DSA_security_bits() | tb | 2022-06-27 | 2 | -2/+14
    ok beck jsing
* Prepare to provide BN_security_bits() | tb | 2022-06-27 | 2 | -2/+37
    ok beck jsing
* Provide and use long_{get,set}() | jsing | 2022-06-26 | 1 | -11/+35
    Apparently at some point a LONG_it was misaligned - provide and use long_{get,set}() so that we always memcpy() rather than doing it some times but not others. While here provide long_clear() rather than abusing and reusing long_free(). ok tb@
* Fix URI name constraints, allow for URIs with no host part. | beck | 2022-06-26 | 1 | -3/+12
    Such URIs must be parsed and allowed, but then should fail if a name constraint is present. Adds regress testing for this same case. Fixes https://github.com/libressl-portable/openbsd/issues/131 ok tb@
* whitespace | tb | 2022-06-26 | 1 | -2/+2
* Move leaf certificate checks to the last thing after chain validation. | beck | 2022-06-25 | 1 | -19/+32
    While seemingly illogical and not what is done in Go's validator, this mimics OpenSSL's behavior so that callback overrides for the expiry of a certificate will not "sticky" override a failure to build a chain. ok jsing@
* Use ints for boolean values. | jsing | 2022-06-25 | 1 | -31/+31
    Switch to using ints for boolean values and use 0 or 1 for constructed, rather than using 0 or the ASN.1 tag encoded value (1 << 5). ok tb@
* Reuse ASN1_INTEGER functions for ASN1_ENUMERATED_{get,set}() | jsing | 2022-06-25 | 2 | -56/+59
    Instead of having a separate get/set implementation, reuse the ASN1_INTEGER code. Also prepare to provide ASN1_ENUMERATED_{get,set}_int64(). ok beck@ tb@
* Rewrite ASN1_INTEGER_{get,set}() using CBS/CBB | jsing | 2022-06-25 | 4 | -65/+197
    In the process, prepare to provide ASN1_INTEGER_{get,set}_{u,}int64(). ok beck@ tb@
* Simplify ASN1_INTEGER_cmp() | jsing | 2022-06-25 | 1 | -16/+9
    ok beck@ tb@
* Error out on negative shifts in BN_{r,l}shift() | tb | 2022-06-22 | 1 | -1/+13
    Without these checks in both functions nw = n / BN_BITS2 will be negative and this leads to out-of-bounds accesses via negative array indices and memset with a negative size. Pointed out by cheloha. ok jsing
* Tweak a comment | tb | 2022-06-20 | 1 | -2/+2
* Flip roles of lowercase and uppercase A and B. | tb | 2022-06-20 | 1 | -44/+44
    This matches Cohen's text better and makes the entire thing easier to read. Suggested by jsing
* Clean up BN_kronecker() | tb | 2022-06-20 | 1 | -73/+88
    Instead of "Cohen's step N" explain in words what is being done. Things such as (A & B & 2) != 0 being equivalent to (-1)^((A-1)(B-1)/4) being negative are not entirely obvious... Remove the strange error dance and adjust variable names to what Cohen's book uses. Simplify various curly bits. ok jsing
* Fix some bizarre indentation and line breaks. | tb | 2022-06-20 | 1 | -8/+7
* Fix prime recognition when doing trial divisions | tb | 2022-06-18 | 1 | -2/+2
    If gcd(a, primes[i]) == 0 then a could still be a prime, namely in the case that a == primes[i], so check for that case as well. Problem noted by Martin Grenouilloux. ok jsing
* Change the loop index from an unsigned int to size_t now that all | tb | 2022-06-07 | 1 | -2/+2
    upper bounds are known to be size_t. ok jsing
* Simplify another CBS_write_bytes() call in d2i_SSL_SESSION() | tb | 2022-06-07 | 1 | -5/+2
    ok jsing
* Switch sid_ctx_length in SSL, SSL_CTX and SSL_SESSION to a size_t | tb | 2022-06-07 | 1 | -4/+4
    ok jsing
* Use CBS_write_bytes() instead of manual unpacking of a CBS and assigning | tb | 2022-06-07 | 1 | -3/+5
    length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing
* Simplify various CBS_write_bytes() calls | tb | 2022-06-07 | 3 | -13/+7
    Now that session_id_length is a size_t, we can pass it directly to CBS_write_bytes() instead of using a temporary variable. ok jsing
* Switch SSL_SESSION's session_id_length to a size_t | tb | 2022-06-07 | 1 | -2/+2
    ok jsing
* Add missing error check call in ssl3_get_new_session_ticket() | tb | 2022-06-07 | 1 | -4/+9
    EVP_Digest() can fail, so handle failure appropriately and prepare switch of session_id_length to a size_t. ok jsing
* Another small readability tweak: compare explicitly against 0 and NULL, | tb | 2022-06-07 | 1 | -4/+3
    respectively. ok jsing
* Tweak readability of a test: compare tmp explicitly against 0 and drop | tb | 2022-06-07 | 1 | -2/+2
    redundant parentheses. ok jsing
* Add a cast to SSL_SESSION_get_id() to indicate that session_id_length | tb | 2022-06-07 | 1 | -2/+2
    is deliberately reduced to an unsigned int. Since the session_id is at most 32 bytes, this is not a concern. ok jsing
* fix indent | tb | 2022-06-07 | 1 | -2/+2
* Unindent and simplify remove_session_lock() | tb | 2022-06-07 | 1 | -21/+22
    ok jsing (who informs me he had the same diff in his jungle)
* Drop an unnecessary cast | tb | 2022-06-07 | 1 | -2/+2
    ok jsing
* Simplify CBS_write_bytes() invocation | tb | 2022-06-07 | 1 | -5/+2
    Now that master_key_length is a size_t, we no longer have to fiddle with data_len. We can rather pass a pointer to it to CBS_write_bytes(). ok jsing
* The master_key_length can no longer be < 0 | tb | 2022-06-07 | 1 | -2/+2
    ok jsing
* Switch the SSL_SESSION's master_key_length to a size_t | tb | 2022-06-07 | 1 | -2/+2
    ok jsing
* Add error checking to tls_session_secret_cb() calls | tb | 2022-06-07 | 2 | -32/+49
    Failure of this undocumented callback was previously silently ignored. Follow OpenSSL's behavior and throw an internal error (for lack of a better choice) if the callback failed or if it set the master_key_length to a negative number. Unindent the success path and clean up some strange idioms. ok jsing
* Use SSL3_CK_VALUE_MASK instead of hardcoded 0xffff and remove some | tb | 2022-06-06 | 2 | -12/+6
    SSLv2 remnants. ok jsing
* Tweak comment describing the SSL_SESSION ASN.1 | tb | 2022-06-06 | 1 | -4/+5
    ok jsing
* Minor style cleanup in ssl_txt.c | tb | 2022-06-06 | 1 | -23/+41
    Wrap long lines and fix a bug where the wrong struct member was checked for NULL. ok jsing
* Fix comment + spacing. | tb | 2022-06-06 | 1 | -2/+2
    Apparently 60 * 5 + 4 seconds is 5 minutes. Presumably this is the case with sufficiently potent crack, which would explain a few things in here.
* Remove incorrect and ungrammatical comment | tb | 2022-06-06 | 1 | -3/+2
    The fallback to SHA-1 if SHA-256 is disabled fell victim to tedu many moons ago when this file was still called s3_clnt.c and had no RCS ID.
* Fix spaces before tabs | tb | 2022-06-06 | 1 | -12/+12