Age | Commit message (Collapse) | Author |
|
This was hidden behind -v but it seems useful to always have this when
creating a new account.
As sthen points out in his previous commit:
This is useful if you want to set a CAA DNS record restricting
issuance to a specific user account.
OK deraadt
|
|
header sent by the server in response to the newAccount API call (used for
every cert request). This is useful if you want to set a CAA DNS record
restricting issuance to a specific user account, rather than just "all of
$whichever_acme_CA". ok florian
|
|
Instead just SIG_IGN SIGPIPE in main.c for all of acme-client.
More work to be done here but at least this distraction is gone.
OK florian@ deraadt@ op@
|
|
partly checked by millert@
|
|
Being two different cryptographic primitives, it is clear that there must
be some differences between RSA and EC keygen, but they don't have to be
entirely different. We need to set the key type, RSA needs a bit size and
ECDSA needs a curve. That's all the differences there need to be.
Garbage collect a few useless elses and avoid two exit labels paths where
one would do just fine.
As another small bonus, this file no longer uses "deprecated API", so the
portable fork can get rid of an ugly openssl 3 patch if they want to.
ok florian
|
|
Leftover from when RFC 8555 support was added.
ok florian
|
|
segfault reported by sthen, which was most likely caused by buf_dump().
OK tb
|
|
While here drop EC_KEY_set_asn1_flag(OPENSSL_EC_NAMED_CURVE).
EC_KEY_new_by_curve_name() ends up calling EC_GROUP_new() which already
sets the OPENSSL_EC_NAMED_CURVE flag on the group. (suggested by tb@)
ok tb@
|
|
would break scripts, go figure), highlight the staging servers so that
people with non-standard configurations (challenge/response) get a chance
at figuring things out.
okay tb@
|
|
any parts of his diff not taken are noted on tech
|
|
|
|
requested by jsing
|
|
We don't do PEM or random in here, but we use BN, EC, ECDSA, so include
the relevant headers. errno.h was also missing.
|
|
Make sure the size_t containing EC signature length is not truncated
when passing it to d2i_ECDSA_SIG() as a long. This won't happen, but
documents API quirks...
requested by jsing
|
|
We can get the correct size of the signature using EVP_PKEY_bits() which
uses the order instead of the (strictly speaking incorrect) degree. Grab
the (r, s) out of the ECDSA signature with ECDSA_SIG_get0_{r,s}(), which
is a saner interface than EVP_SIG_get0(). Finally, do the zero padding
using BN_bn2binpad() which is simpler than the currently rather fiddly
solution.
ok jsing
|
|
EVP_DigestSign() is a bit more ergonomic than the old EVP_Sign* family,
it takes size_t instead of int and and it also allows allocating the
memory needed instead of relying on some weird estimate. This again gets
rid of a few stupid else if.
ok jsing
|
|
We can EVP_Digest() into an array on the stack rather than doing a long
dance and song with lots of ugly else if.
ok jsing
|
|
|
|
If a SAN isn't configured, it could be anything, so make printing it safe
using strvisx(). If it is configured but duplicate, printing it should be
fine, so don't bother. This removes two XXX added in the previous commit.
ok florian
|
|
The revoke process, which does a lot more than revoking a cert, wants to
know the SANs in the cert to be revoked or renewed and check them against
the ones configured in the config file.
To find out which ones are, it prints the SAN extension to a BIO using
X509V3_EXT_print(), slurps that into a buffer, tokenizes the undocumented
output string and plucks out the "DNS:" names. This is reminiscent of
node's hilarious CVE-2021-44532 and on about the same level of crazy, but
fortunately not security relevant.
Get the SAN extension as a GENERAL_NAMES from libcrypto, then we have an
actual data structure to work with, which allows us to access the DNS names
without problems. This simplifies things quite a bit, but the actual logic
in this file remains unmodified. Be careful about ASN1_IA5STRINGs and do
not assume they are C strings.
Tested by florian, millert, Renaud Allard, thanks!
ok florian jsing
|
|
Times in certificates are all expressed in Zulu time, so calling the time
zone dependent mktime() on such a time and comparing it to time(NULL) is
wrong.
This means that the check of at least 30 days validity and deciding on
whether to renew or not might have been off by by half a day depending on
where you are. That should not matter since you (or cron) are supposed to
run acme-client way more often than once a month.
ok claudio millert
|
|
There is a hand-rolled, only minimally checked implementation converting
an ASN1_TIME into a struc tm. beck has invested a lot of time improving
the time parsing inside libcrypto, so make use of that. That code is safer,
better vetted and more correct.
ok florian
|
|
unsigned char.
Casting to int is particularly useless because that's what the
compiler already does. We need to prevent sign extension, not write
down that we want sign extension.
OK deraadt, kn, miod
|
|
unsigned char.
Casting to int is particularly useless because that's what the
compiler already does. We need to prevent sign extension, not write
down that we want sign extension.
OK deraadt, millert, kn
|
|
|
|
ok sthen
|
|
location header was received.
OK deraadt
|
|
ok florian
|
|
|
|
Rather than assuming the default value from X509_REQ_new(), explicitly set
the X.509 request version number to zero.
ok tb@
|
|
base64url encoded.
We have only the challenge directory unveil(2)'ed so funny business
like ../ will not work, but we shouldn't generate garbage filenames
that someone else might trip over either.
Pointed out and diff by Ali Farzanrad (ali_farzanrad AT riseup.net)
OK beck
|
|
EVP_PKEY_set1_EC_KEY() bumps the refcount of eckey, so eckey won't be
freed at the end of keyproc() or acctproc(), which means that secrets
aren't wiped. Move EC_KEY_free() to the out label, so that the refcount
is decremented or the key freed, as appropriate.
tested/ok claudio
|
|
|
|
of everytime ec_create_key() is called.
From wolf at wolfsden dot cz
ok florian
|
|
|
|
|
|
The loop was exited prematurely because of a stray break statement.
In case of a failure to connect to the first address returned by
getaddrinfo(3), acme-client can now try to connect using another address
or address family if available.
ok florian@
|
|
Avoid awkward line wrapping by removing awkward else if chaining.
ok claudio florian
|
|
In an upcoming libcrypto bump, EVP_PKEY will become opaque. In order to
stop reaching inside EVP_PKEY, we must replace EVP_PKEY_type(pkey->type)
with the equivalent EVP_PKEY_base_Id(pkey) in various places.
ok florian
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
Prepare for an upcoming change in libcrypto and retrieve the stack
of extensions via X509_get0_extensions(). Simplify the for loop by
relying on the fact that empty or NULL stacks have an sk_num() of 0
and -1, respectively, so the loop won't be entered and the extsz
dance is unnecessary.
ok florian
|
|
requirements require that it's used in certificates so it makes sense to
generate a CSR compliant with this, additionally it replaces rather than
adds to the name in the certificate's subject which we weren't handling
correctly. Diff from wolf at wolfsden/cz, ok florian@
|
|
ok deraadt florian
|
|
|
|
As per the manual and lib/libtls/tls.c revision 1.79 from 2018
"Automatically handle library initialisation for libtls." initialisation
is handled automatically by other tls_*(3) functions.
Remove explicit tls_init() calls from base to not give the impression of
it being needed.
Feedback tb
OK Tests mestre
|
|
fails to report the path that the failure occured on. Suggested by
deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
|
The versions with _GFp() suffix only exist for historical reasons.
Now that we have EC_POINT_{get,set}_affine_coordinates(), we should
stop using the old ones as they provide no benefit.
ok florian
|
|
to acme-client users.
|
|
modified version of diff from wolf on misc,
improved by and ok florian benno sthen
|
|
certificate file.
These files are not terribly big and they might become helpful if one
re-creates a certificate with additional or removed domains and
whishes to revoke the old cert (this part needs a bit of work to make
it convenient to do).
OK sthen
|