Loading CHANGES +12 −0 Original line number Original line Diff line number Diff line Loading @@ -4,6 +4,18 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] Changes between 0.9.5 and 0.9.5a [XX XXX 2000] *) Add compatability options to the purpose and trust code. The purpose X509_PURPOSE_ANY is "any purpose" which automatically accepts a certificate or CA, this was the previous behaviour, with all the associated security issues. X509_TRUST_COMPAT is the old trust behaviour: only and automatically trust self signed roots in certificate store. A new trust setting X509_TRUST_DEFAULT is used to specify that a purpose has no associated trust setting and it should instead use the value in the default purpose. [Steve Henson] *) Fix the PKCS#8 DSA private key code so it decodes keys again *) Fix the PKCS#8 DSA private key code so it decodes keys again and fix a memory leak. and fix a memory leak. [Steve Henson] [Steve Henson] Loading crypto/x509/x509.h +3 −1 Original line number Original line Diff line number Diff line Loading @@ -284,7 +284,9 @@ DECLARE_STACK_OF(X509_TRUST) /* standard trust ids */ /* standard trust ids */ #define X509_TRUST_ANY 1 #define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ #define X509_TRUST_COMPAT 1 #define X509_TRUST_SSL_CLIENT 2 #define X509_TRUST_SSL_CLIENT 2 #define X509_TRUST_SSL_SERVER 3 #define X509_TRUST_SSL_SERVER 3 #define X509_TRUST_EMAIL 4 #define X509_TRUST_EMAIL 4 Loading crypto/x509/x509_trs.c +9 −8 Original line number Original line Diff line number Diff line Loading @@ -65,7 +65,7 @@ static int tr_cmp(X509_TRUST **a, X509_TRUST **b); static void trtable_free(X509_TRUST *p); static void trtable_free(X509_TRUST *p); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); static int trust_any(X509_TRUST *trust, X509 *x, int flags); static int trust_compat(X509_TRUST *trust, X509 *x, int flags); static int obj_trust(int id, X509 *x, int flags); static int obj_trust(int id, X509 *x, int flags); static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; Loading @@ -76,7 +76,7 @@ static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; */ */ static X509_TRUST trstandard[] = { static X509_TRUST trstandard[] = { {X509_TRUST_ANY, 0, trust_any, "Any", 0, NULL}, {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL}, {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}, {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}, {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, Loading Loading @@ -107,8 +107,8 @@ int X509_check_trust(X509 *x, int id, int flags) X509_TRUST *pt; X509_TRUST *pt; int idx; int idx; if(id == -1) return 1; if(id == -1) return 1; if(!(idx = X509_TRUST_get_by_id(id))) idx = X509_TRUST_get_by_id(id); return default_trust(id, x, flags); if(idx == -1) return default_trust(id, x, flags); pt = X509_TRUST_get0(idx); pt = X509_TRUST_get0(idx); return pt->check_trust(pt, x, flags); return pt->check_trust(pt, x, flags); } } Loading Loading @@ -230,6 +230,11 @@ static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags) /* we don't have any trust settings: for compatibility /* we don't have any trust settings: for compatibility * we return trusted if it is self signed * we return trusted if it is self signed */ */ return trust_compat(trust, x, flags); } static int trust_compat(X509_TRUST *trust, X509 *x, int flags) { X509_check_purpose(x, -1, 0); X509_check_purpose(x, -1, 0); if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; else return X509_TRUST_UNTRUSTED; else return X509_TRUST_UNTRUSTED; Loading Loading @@ -257,7 +262,3 @@ static int obj_trust(int id, X509 *x, int flags) return X509_TRUST_UNTRUSTED; return X509_TRUST_UNTRUSTED; } } static int trust_any(X509_TRUST *trust, X509 *x, int flags) { return X509_TRUST_TRUSTED; } crypto/x509/x509_vfy.c +11 −4 Original line number Original line Diff line number Diff line Loading @@ -771,18 +771,25 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, if(!purpose) purpose = def_purpose; if(!purpose) purpose = def_purpose; /* If we have a purpose then check it is valid */ /* If we have a purpose then check it is valid */ if(purpose) { if(purpose) { X509_PURPOSE *ptmp; idx = X509_PURPOSE_get_by_id(purpose); idx = X509_PURPOSE_get_by_id(purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); X509_R_UNKNOWN_PURPOSE_ID); return 0; return 0; } } /* If trust not set then get from purpose default */ if(!trust) { X509_PURPOSE *ptmp; ptmp = X509_PURPOSE_get0(idx); ptmp = X509_PURPOSE_get0(idx); trust = ptmp->trust; if(ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); } } /* If trust not set then get from purpose default */ if(!trust) trust = ptmp->trust; } } if(trust) { if(trust) { idx = X509_TRUST_get_by_id(trust); idx = X509_TRUST_get_by_id(trust); Loading crypto/x509v3/v3_purp.c +8 −1 Original line number Original line Diff line number Diff line Loading @@ -71,6 +71,7 @@ static int purpose_smime(X509 *x, int ca); static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); static int no_check(X509_PURPOSE *xp, X509 *x, int ca); static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); static void xptable_free(X509_PURPOSE *p); static void xptable_free(X509_PURPOSE *p); Loading @@ -81,7 +82,8 @@ static X509_PURPOSE xstandard[] = { {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, {X509_PURPOSE_CRL_SIGN, X509_TRUST_ANY, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, }; }; #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) Loading Loading @@ -454,3 +456,8 @@ static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) if(ku_reject(x, KU_CRL_SIGN)) return 0; if(ku_reject(x, KU_CRL_SIGN)) return 0; return 1; return 1; } } static int no_check(X509_PURPOSE *xp, X509 *x, int ca) { return 1; } Loading
CHANGES +12 −0 Original line number Original line Diff line number Diff line Loading @@ -4,6 +4,18 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] Changes between 0.9.5 and 0.9.5a [XX XXX 2000] *) Add compatability options to the purpose and trust code. The purpose X509_PURPOSE_ANY is "any purpose" which automatically accepts a certificate or CA, this was the previous behaviour, with all the associated security issues. X509_TRUST_COMPAT is the old trust behaviour: only and automatically trust self signed roots in certificate store. A new trust setting X509_TRUST_DEFAULT is used to specify that a purpose has no associated trust setting and it should instead use the value in the default purpose. [Steve Henson] *) Fix the PKCS#8 DSA private key code so it decodes keys again *) Fix the PKCS#8 DSA private key code so it decodes keys again and fix a memory leak. and fix a memory leak. [Steve Henson] [Steve Henson] Loading
crypto/x509/x509.h +3 −1 Original line number Original line Diff line number Diff line Loading @@ -284,7 +284,9 @@ DECLARE_STACK_OF(X509_TRUST) /* standard trust ids */ /* standard trust ids */ #define X509_TRUST_ANY 1 #define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ #define X509_TRUST_COMPAT 1 #define X509_TRUST_SSL_CLIENT 2 #define X509_TRUST_SSL_CLIENT 2 #define X509_TRUST_SSL_SERVER 3 #define X509_TRUST_SSL_SERVER 3 #define X509_TRUST_EMAIL 4 #define X509_TRUST_EMAIL 4 Loading
crypto/x509/x509_trs.c +9 −8 Original line number Original line Diff line number Diff line Loading @@ -65,7 +65,7 @@ static int tr_cmp(X509_TRUST **a, X509_TRUST **b); static void trtable_free(X509_TRUST *p); static void trtable_free(X509_TRUST *p); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); static int trust_any(X509_TRUST *trust, X509 *x, int flags); static int trust_compat(X509_TRUST *trust, X509 *x, int flags); static int obj_trust(int id, X509 *x, int flags); static int obj_trust(int id, X509 *x, int flags); static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; Loading @@ -76,7 +76,7 @@ static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; */ */ static X509_TRUST trstandard[] = { static X509_TRUST trstandard[] = { {X509_TRUST_ANY, 0, trust_any, "Any", 0, NULL}, {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL}, {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}, {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}, {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, Loading Loading @@ -107,8 +107,8 @@ int X509_check_trust(X509 *x, int id, int flags) X509_TRUST *pt; X509_TRUST *pt; int idx; int idx; if(id == -1) return 1; if(id == -1) return 1; if(!(idx = X509_TRUST_get_by_id(id))) idx = X509_TRUST_get_by_id(id); return default_trust(id, x, flags); if(idx == -1) return default_trust(id, x, flags); pt = X509_TRUST_get0(idx); pt = X509_TRUST_get0(idx); return pt->check_trust(pt, x, flags); return pt->check_trust(pt, x, flags); } } Loading Loading @@ -230,6 +230,11 @@ static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags) /* we don't have any trust settings: for compatibility /* we don't have any trust settings: for compatibility * we return trusted if it is self signed * we return trusted if it is self signed */ */ return trust_compat(trust, x, flags); } static int trust_compat(X509_TRUST *trust, X509 *x, int flags) { X509_check_purpose(x, -1, 0); X509_check_purpose(x, -1, 0); if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; else return X509_TRUST_UNTRUSTED; else return X509_TRUST_UNTRUSTED; Loading Loading @@ -257,7 +262,3 @@ static int obj_trust(int id, X509 *x, int flags) return X509_TRUST_UNTRUSTED; return X509_TRUST_UNTRUSTED; } } static int trust_any(X509_TRUST *trust, X509 *x, int flags) { return X509_TRUST_TRUSTED; }
crypto/x509/x509_vfy.c +11 −4 Original line number Original line Diff line number Diff line Loading @@ -771,18 +771,25 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, if(!purpose) purpose = def_purpose; if(!purpose) purpose = def_purpose; /* If we have a purpose then check it is valid */ /* If we have a purpose then check it is valid */ if(purpose) { if(purpose) { X509_PURPOSE *ptmp; idx = X509_PURPOSE_get_by_id(purpose); idx = X509_PURPOSE_get_by_id(purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); X509_R_UNKNOWN_PURPOSE_ID); return 0; return 0; } } /* If trust not set then get from purpose default */ if(!trust) { X509_PURPOSE *ptmp; ptmp = X509_PURPOSE_get0(idx); ptmp = X509_PURPOSE_get0(idx); trust = ptmp->trust; if(ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); } } /* If trust not set then get from purpose default */ if(!trust) trust = ptmp->trust; } } if(trust) { if(trust) { idx = X509_TRUST_get_by_id(trust); idx = X509_TRUST_get_by_id(trust); Loading
crypto/x509v3/v3_purp.c +8 −1 Original line number Original line Diff line number Diff line Loading @@ -71,6 +71,7 @@ static int purpose_smime(X509 *x, int ca); static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); static int no_check(X509_PURPOSE *xp, X509 *x, int ca); static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); static void xptable_free(X509_PURPOSE *p); static void xptable_free(X509_PURPOSE *p); Loading @@ -81,7 +82,8 @@ static X509_PURPOSE xstandard[] = { {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, {X509_PURPOSE_CRL_SIGN, X509_TRUST_ANY, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, }; }; #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) Loading Loading @@ -454,3 +456,8 @@ static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) if(ku_reject(x, KU_CRL_SIGN)) return 0; if(ku_reject(x, KU_CRL_SIGN)) return 0; return 1; return 1; } } static int no_check(X509_PURPOSE *xp, X509 *x, int ca) { return 1; }
