| Age | Commit message (Collapse) | Author |
|---|
|
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
|
ok tb@
|
|
extract_min_max().
|
|
Factor the trimming of the end and the counting of unused bits into
helper functions and reuse an ASN.1 bit string API to set the unused
bits and the ASN1_STRING_FLAG_BITS_SET. With a couple of explanatory
comments it becomes much clearer what the code is actually doing and
why.
ok jsing
|
|
In order to set the BIT STRING containing an address prefix, use existing
helper functions from the ASN.1 code instead of redoing everything by
hand. Make the function single exit and rename a few variables to make
it clearer what is being done.
ok jsing
|
|
Requested by jsing
|
|
X509v3_{addr,asid}_is_canonical() check that the ipAddrBlocks and
autonomousSysIds extension conform to RFC 3779. These checks are not
cheap. Certs containing non-conformant extensions should not be
considered valid, so mark them with EXFLAG_INVALID while caching the
extension information in x509v3_cache_extensions(). This way the
expensive check while walking the chains during X509_verify_cert() is
replaced with a cheap check of the extension flags. This avoids a lot
of superfluous work when validating numerous certs with similar chains
against the same roots as is done in rpki-client.
Issue noticed and fix suggested by claudio
ok claudio inoguchi jsing
|
|
gcc 4 on sparc64 issues a few 'warning: value computed is not used'.
There are two cases: sk_set_cmp_function() returns the old comparison
function of the stack which we don't care about. The one warning about
an sk_delete() is about a return value that we know already and which
we will free a few lines down.
ok inoguchi miod
|
|
The trust anchor can't inherit, but the code says that it can inherit
just not if the leaf tries to inherit from that. This makes no sense
and doesn't match what is done on the asid side.
ok jsing
|
|
Adjust a comment to reality, zap a stray empty line and fix whitespace
before comment after #endif
|
|
|
|
|
|
|
|
suggested by jsing
|
|
suggested by jsing
|
|
more readable.
Repeated complaints by jsing
|
|
sk_find + sk_value into something easier to follow and swallow.
ok inoguchi jsing
|
|
ok inoguchi jsing
|
|
|
|
various loops in addr_validate_path_internal().
|
|
what it is.
|
|
validation_err() is an ugly macro with side effects and a goto in it.
At the cost of a few lines of code we can turn this into a function
where the side effects are explicit and ret is now explicitly set in
the main body of addr_validate_path_internal().
We get to a point where it is halfway possible to reason about the
convoluted control flow in this function.
ok inoguchi jsing
|
|
the function and unindent some code.
ok inoguchi jsing
|
|
range_should_be_prefix() currently always fails. The reason for this
is that OpenSSL commit 42d7d7dd incorrectly moved a memcmp() out of
an assertion. As a consequence, the library emits and accepts
incorrectly encoded ipAddrBlock extensions since it will never detect
ranges that MUST be encoded as a prefix according to RFC 3779, 2.2.3.7.
The return -1 from this memcmp() indicates to the callers that the
range should be expressed as a range, so callers must check beforehand
that min <= max to be able to fail. Thus, remove this memcmp() and
add a check to make_addressRange(), the only caller that didn't already
ensure that min <= max.
This fixes the noisy output in regress/lib/libcrypto/x509/rfc3779.
ok inoguchi jsing
|
|
Use child and parent instead of a and b. Split unrelated checks. Use
accessors and assign to local variables to avoid ugly line wrapping.
Declare vriables up front instead of mixing declarations with
assignments from function returns.
ok inoguchi jsing
|
|
Assign to local variables to avoid ugly line wrapping.
ok inoguchi jsing
|
|
by returning 0 instead of -1 on extract_min_max() failure. Callers
would interpret -1 as success of addr_contains().
ok inoguchi jsing
|
|
Assign repeated nested expressions to local variables and avoid some
awkward line wrapping.
|
|
things like prefixlen, afi_length, etc.
suggested by jsing
|
|
suggested by jsing during review
|
|
extract_min_max() crammed all the work in two return statements
inside a switch. Make this more readable by splitting out the
extraction of the min and max as BIT STRINGs from an addressPrefix
or an addressRange and once that's done expanding them to raw
addresses.
ok inoguchi jsing
|
|
The NULL checks and the checks that aor->type is reasonable are already
performed in extract_min_max(), so it is unnecessary to repeat them
in X509v3_addr_get_range()
ok inoguchi jsing
|
|
Instead of checking everything in a single if statement, group the
checks according to their purposes.
ok inoguchi jsing
|
|
Make the callers pass in the afi so that make_addressPrefix() can check
prefixlen to be reasonable. If the afi is anything else than IPv4 or
IPv6, cap its length at the length needed for IPv6. This way we avoid
arbitrary out-of-bounds reads if the caller decides to pass in something
stupid.
ok inoguchi jsing
|
|
IPAddressRange_new() populates both its min and max members, so
they won't ever be NULL and will never need to be allocated.
ok inoguchi jsing
|
|
IPAddressOrRange_new() instantiates a choice type, so we need to
allocate one member of the union ourselves, so aor->u.addressPrefix
will always be NULL.
ok inoguchi jsing
|
|
Replace reaching into the structs with IPAddressFamily accessors
and add a few comments that explain what the code is actually doing.
ok inoguchi jsing
|
|
Introduce a helper function that allows fetching the AFI and the
optional SAFI out of an IPAddressFamily. Also add two wrappers that
only fetch and validate the AFI, where validation currently only
means that the length is between 2 and 3.
Use these accessors throughout to simplify and streamline the code.
ok inoguchi jsing
|
|
|
|
prefer this.
|
|
This is again a straightforward conversion and leads to something which
matches our usual style more.
ok jsing
|
|
Again, we're dealing with necessarily not fully validated data here,
so a check up front seems prudent.
ok jsing
|
|
This is a more or less straightforward conversion using the new
IPAddressFamily accessor API. As a result, some checks have become
a bit stricter, which is only desirable here.
ok jsing
|
|
As mentioned in a previous commit, IPAddressFamily_cmp() can't really
check for trailing garbage in addressFamily->data. Since the path
validation and hence the X.509 validator call X509v3_addr_is_canonical(),
this deals with only partially validated data.
ok jsing
|
|
Define and use MINIMUM() instead of a ternary operator and separate
the code from the declarations. Also, we can spare a line to make the
return legible instead of squeezing it into another ternary operator.
addressFamily->data contains a two-bytes AFI and an optional one-byte
SAFI. This function currently also compares any trailing garbage that
may be present. Since comparison functions can't really error, this
needs to be checked bofore it is used. Such checks will be added in
subsequent commits.
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
Declare IPAddressFamily before using it.
|
|
|
|
unknown address family types.
Pointed out by jsing during review.
|
