Returning untrusted is enough for for full chains that end in
self-signed roots, because when explicit trust is specified it
suppresses the default blanket trust of self-signed objects.
But for partial chains, this is not enough, because absent a similar
trust-self-signed policy, non matching EKUs are indistinguishable
from lack of EKU constraints.
Therefore, failure to match any trusted purpose must trigger an
explicit reject.
Reviewed-by: Richard Levitte <levitte@openssl.org>
These can be re-generated via:
cd test/certs; ./setup.sh
if need be. The keys are all RSA 2048-bit keys, but it is possible
to change that via environment variables.
cd test/certs
rm -f *-key.pem *-key2.pem
OPENSSL_KEYALG=rsa OPENSSL_KEYBITS=3072 ./setup.sh
cd test/certs
rm -f *-key.pem *-key2.pem
OPENSSL_KEYALG=ecdsa OPENSSL_KEYBITS=secp384r1 ./setup.sh
...
Keys are re-used if already present, so the environment variables
are only used when generating any keys that are missing. Hence
the "rm -f"
Reviewed-by: Richard Levitte <levitte@openssl.org>
When DANE-EE(3) matches or either of DANE-EE/PKIX-EE fails, we don't
build a chain at all, but rather succeed or fail with just the leaf
certificate. In either case also check for Suite-B violations.
As unlikely as it may seem that anyone would enable both DANE and
Suite-B, we should do what the application asks.
Took the opportunity to eliminate the "cb" variables in x509_vfy.c,
just call ctx->verify_cb(ok, ctx)
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Split the read_config function into read_config that ONLY reads the
configuration files but doesn't try to resolve any of the
inheritances, and resolve_config which resolves the inheritance chain
of a given target. Move them to the bottom of Configure, with the
rest of the helpers.
Have a new small hash table, %target, which will hold the values for
the target the user requested. This also means that all access to the
current target data can be reduced from '$table{$target}->{key}' to a
mere '$target{key}'.
While we're at it, the old string formatted configurations are getting
obsolete, so they may as well get deprecated entirely.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Get rid of the --test-sanity option. Since we no longer have string
based configurations, we don't have the problem with miscounting
colons any more.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Start simple, removed some unused variables and change all '<<EOF' to
'<<"EOF"'. The latter is because some code colorizers (notably, in
emacs) cannot recognise the here document end marker unless it's
quoted and therefore assume the rest of the file is part of the here
document.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rename 'update' to 'generate'. Rather than recurse, just explicitly
call the three generate targets directly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Calling SSL_shutdown while in init previously gave a "1" response, meaning
everything was successfully closed down (even though it wasn't). Better is
to send our close_notify, but fail when trying to receive one.
The problem with doing a shutdown while in the middle of a handshake is
that once our close_notify is sent we shouldn't really do anything else
(including process handshake/CCS messages) until we've received a
close_notify back from the peer. However the peer might send a CCS before
acting on our close_notify - so we won't be able to read it because we're
not acting on CCS messages!
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
The GOST engine is now out of date and is removed by this commit. An up
to date GOST engine is now being maintained in an external repository.
See:
https://wiki.openssl.org/index.php/Binaries
Reviewed-by: Richard Levitte <levitte@openssl.org>
For BSD systems, Configure adds a shared_ldflags including a reference
to the Makefile variable LIBRPATH, but since it must be passed down to
Makefile.shared, care must be taken so the value of LIBRPATH doesn't
get expanded too early, or it ends up giving an empty string.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Some users want to disable SSL 3.0/TLS 1.0/TLS 1.1, and enable just
TLS 1.2. In the future they might want to disable TLS 1.2 and
enable just TLS 1.3, ...
This commit makes it possible to disable any or all of the TLS or
DTLS protocols. It also considerably simplifies the SSL/TLS tests,
by auto-generating the min/max version tests based on the set of
supported protocols (425 explicitly written out tests got replaced
by two loops that generate all 425 tests if all protocols are
enabled, fewer otherwise).
Reviewed-by: Richard Levitte <levitte@openssl.org>
Fix a typo in the definition of the GOST2012-NULL-GOST12 ciphersuite.
RT#4213
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
It seems risky in the context of cross-signed certificates when the
same certificate might have multiple potential issuers. Also rarely
used, since chains in OpenSSL typically only employ self-signed
trust-anchors, whose self-signatures are not checked, while untrusted
certificates are generally ephemeral.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Cygwin was used for x86 before, so let's keep it around for those who
still use it (it make Configure reconf possible).
Cygwin-i[3456]86 for those that might generate and pass a target name
directly to Configure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This patch allows to recognize the architectures supported by Cygwin
and to choose the right configuration from there. Drop -march to
use default architecture on 32 bit x86.
Drop pre-Cygwin-1.3 recognition since it's long gone and there's no
valid configuration for this anymore.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Building for the Cygwin distro requires to be able to build debuginfo
files. This in turn requires to build object files without stripping.
The stripping is performed by the next step after building which creates
the debuginfo files.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Author: Remi Gacogne <rgacogne-github@coredump.fr>
GH334: Add an OCSP_SINGLERESP_get0_id() accessor to the OCSP_CERTID of
a OCSP_SINGLERESP. It is possible to do it the other way around using
OCSP_resp_find(), but this is more efficient when you have a tree indexed
by OCSP_CERTID, like haproxy does. (This is also RT4251)
Author: Marek Klein <kleinmrk@gmail.com>
GH556: OCSP_resp_get_produced_at() accessor to the producedAt of a
OCSP_BASICRESP
GH555: TS_STATUS_INFO_get_status(), TS_STATUS_INFO_get_text() and
TS_STATUS_INFO_get_failure_info() accessors for a TS_STATUS_INFO
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Also report an SSL_dane_enable error when the basedomain is an
invalid SNI name. Avoid side-effects when such a name is valid
with X509_VERIFY_PARAM_set1_host(), as e.g. with an empty name, by
setting the SNI name first.
Reviewed-by: Rich Salz <rsalz@openssl.org>