wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/apps
History
Benjamin Kaduk 3d362f1903 apps: allow empty attribute values with -subj 
Historically (i.e., OpenSSL 1.0.x), the openssl applications would
allow for empty subject attributes to be passed via the -subj argument,
e.g., `opensl req -subj '/CN=joe/O=/OU=local' ...`.  Commit
db4c08f019 applied a badly needed rewrite
to the parse_name() helper function that parses these strings, but
in the process dropped a check that would skip attributes with no
associated value.  As a result, such strings are now treated as
hard errors and the operation fails.

Restore the check to skip empty attribute values and restore
the historical behavior.

Document the behavior for empty subject attribute values in the
corresponding applications' manual pages.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7349)
2018-10-08 16:32:47 -05:00
..
demoSRP
app_rand.c Create the .rnd file it it does not exist 2018-09-23 08:26:19 +02:00
apps.c apps: allow empty attribute values with -subj 2018-10-08 16:32:47 -05:00
apps.h Allow configuation of the number of TLSv1.3 session tickets via SSL_CONF 2018-05-17 16:48:25 +01:00
asn1pars.c Change the "offset too large" message to more generic wording 2018-04-03 16:02:17 +02:00
bf_prefix.c Fix of prefix bio filter (bf_prefix.c): rely on the given length 2018-02-01 22:09:41 +01:00
build.info Make sure the 'tsget' script is called 'tsget.pl' everywhere 2018-07-23 18:33:48 +02:00
ca-cert.srl
ca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca.c typo-fixes: miscellaneous typo fixes 2018-09-21 23:55:22 +02:00
CA.pl.in Update copyright year 2018-03-20 13:08:46 +00:00
cert.pem
ciphers.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
client.pem
cms.c apps: Don't include progs.h in apps.h 2018-01-31 23:45:12 +01:00
crl.c Update copyright year 2018-02-13 13:59:25 +00:00
crl2p7.c Update copyright year 2018-02-13 13:59:25 +00:00
ct_log_list.cnf GH1536: Install empty CT log list 2016-09-14 18:22:33 -04:00
dgst.c Add a note and better error if using Ed25519/Ed448 in dgst 2018-04-06 10:10:05 +01:00
dh1024.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dh2048.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dh4096.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dhparam.c apps/dsaparam.c generates code that is intended to be pasted or included 2018-07-30 07:34:32 +10:00
dsa-ca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa-pca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa.c Update copyright year 2018-02-13 13:59:25 +00:00
dsa512.pem
dsa1024.pem
dsap.pem
dsaparam.c apps/dsaparam.c generates code that is intended to be pasted or included 2018-07-30 07:34:32 +10:00
ec.c Update copyright year 2018-02-13 13:59:25 +00:00
ecparam.c Use the new non-curve type specific EC functions internally 2018-07-31 09:08:38 +01:00
enc.c Add support for PBKDF2 for enc command 2018-02-21 12:36:21 +00:00
engine.c Update copyright year 2018-02-13 13:59:25 +00:00
errstr.c Update copyright year 2018-02-13 13:59:25 +00:00
gendsa.c Issue warnings for large DSA and RSA keys 2018-06-05 18:08:01 +02:00
genpkey.c add 'unsupported cipher mode' diagnostics to evp_lib.c and genpkey.c 2018-06-18 10:45:35 +01:00
genrsa.c Issue warnings for large DSA and RSA keys 2018-06-05 18:08:01 +02:00
nseq.c Update copyright year 2018-02-13 13:59:25 +00:00
ocsp.c Fix a mem leak in the ocsp app 2018-10-02 10:52:57 +01:00
openssl-vms.cnf Create the .rnd file it it does not exist 2018-09-23 08:26:19 +02:00
openssl.c 'openssl list': add option -objects to list built in objects 2018-10-01 15:33:28 +02:00
openssl.cnf Create the .rnd file it it does not exist 2018-09-23 08:26:19 +02:00
opt.c apps/opt.c: Remove the access checks of input and output files 2018-04-25 11:44:26 +02:00
passwd.c Update copyright year 2018-02-13 13:59:25 +00:00
pca-cert.srl
pca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pkcs7.c Update copyright year 2018-02-13 13:59:25 +00:00
pkcs8.c Update copyright year 2018-02-13 13:59:25 +00:00
pkcs12.c Update copyright year 2018-02-13 13:59:25 +00:00
pkey.c Do not ignore EVP_PKEY_print_public/EVP_PKEY_print_private return values 2018-08-24 15:33:26 +03:00
pkeyparam.c Update copyright year 2018-02-13 13:59:25 +00:00
pkeyutl.c Add a sanity check on the length of pkeyutl inputs 2018-05-24 17:26:03 +01:00
prime.c Update copyright year 2018-02-13 13:59:25 +00:00
privkey.pem
progs.pl Enable all implemented digests 2018-04-19 21:03:53 +02:00
rand.c Update copyright year 2018-02-13 13:59:25 +00:00
rehash.c Replace strdup() with OPENSSL_strdup() 2018-05-29 17:08:39 +01:00
req.c openssl req: don't try to report bits 2018-09-04 14:24:11 +02:00
req.pem
rsa.c Update copyright year 2018-02-13 13:59:25 +00:00
rsa8192.pem
rsautl.c Update copyright year 2018-02-13 13:59:25 +00:00
s512-key.pem
s512-req.pem
s1024key.pem
s1024req.pem
s_apps.h openssl s_server: print the accepting address and socket 2018-04-04 20:24:26 +02:00
s_cb.c Text description of GOST signature algorithms 2018-05-30 09:14:04 +01:00
s_client.c Change Post Handshake auth so that it is opt-in 2018-08-20 15:14:01 +01:00
s_server.c Don't allow -early_data with other options where it doesn't work 2018-09-13 10:06:09 +01:00
s_socket.c Only set TCP_NODELAY if the protocol is TCP 2018-05-31 10:39:13 +01:00
s_time.c Don't call setsockopt with an invalid fd 2018-05-31 10:39:13 +01:00
server.pem
server.srl
server2.pem
sess_id.c Fix the type of -out option 2018-02-28 18:44:56 +01:00
smime.c Update copyright year 2018-02-13 13:59:25 +00:00
speed.c Speed for HMACs. 2018-09-12 08:54:21 +10:00
spkac.c Fix mixed indentation (and other whitespace issues) 2018-04-26 21:34:46 +02:00
srp.c update SRP copyright notice 2018-03-13 18:33:44 +10:00
storeutl.c Free a variable 2018-05-31 10:39:13 +01:00
testCA.pem
testdsa.h Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
testrsa.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
timeouts.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ts.c Update copyright year 2018-02-13 13:59:25 +00:00
tsget.in Update copyright year 2018-03-20 13:08:46 +00:00
verify.c Fix memory leaks in CA related functions. 2018-05-02 08:35:32 +02:00
version.c Restore the display of options with 'openssl version -a' 2018-03-09 14:28:51 +01:00
vms_decc_init.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
vms_term_sock.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
vms_term_sock.h Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
win32_init.c Fix not-c code 2016-10-19 00:56:48 +02:00
x509.c Support directories with "." in x509_load_serial() 2018-06-24 15:42:28 +02:00