sync code with last improvements from OpenBSD
This commit is contained in:
parent
5903cbe575
commit
62d64fa864
841 changed files with 83929 additions and 40755 deletions
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x509.h,v 1.101 2023/07/28 15:50:33 tb Exp $ */
|
||||
/* $OpenBSD: x509.h,v 1.103 2023/11/02 20:25:48 tb Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
|
@ -527,7 +527,9 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
|
|||
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
|
||||
void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval,
|
||||
const X509_ALGOR *algor);
|
||||
#ifndef LIBRESSL_INTERNAL
|
||||
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
|
||||
#endif
|
||||
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
|
||||
|
||||
X509_NAME *X509_NAME_dup(X509_NAME *xn);
|
||||
|
@ -1081,13 +1083,10 @@ const STACK_OF(X509_ATTRIBUTE) *PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO
|
|||
int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
|
||||
const unsigned char *bytes, int len);
|
||||
|
||||
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
|
||||
int ptype, void *pval,
|
||||
unsigned char *penc, int penclen);
|
||||
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
|
||||
const unsigned char **pk, int *ppklen,
|
||||
X509_ALGOR **pa,
|
||||
X509_PUBKEY *pub);
|
||||
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
|
||||
void *pval, unsigned char *penc, int penclen);
|
||||
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
|
||||
int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub);
|
||||
|
||||
int X509_check_trust(X509 *x, int id, int flags);
|
||||
int X509_TRUST_get_count(void);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x509_addr.c,v 1.90 2023/09/27 11:29:22 tb Exp $ */
|
||||
/* $OpenBSD: x509_addr.c,v 1.91 2023/10/29 13:22:37 tb Exp $ */
|
||||
/*
|
||||
* Contributed to the OpenSSL Project by the American Registry for
|
||||
* Internet Numbers ("ARIN").
|
||||
|
@ -1886,8 +1886,11 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509) *chain,
|
|||
if (ext == NULL) {
|
||||
depth = 0;
|
||||
cert = sk_X509_value(chain, depth);
|
||||
if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0)
|
||||
goto done;
|
||||
if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0) {
|
||||
if ((ret = verify_error(ctx, cert,
|
||||
X509_V_ERR_INVALID_EXTENSION, depth)) == 0)
|
||||
goto done;
|
||||
}
|
||||
if ((ext = cert->rfc3779_addr) == NULL)
|
||||
goto done;
|
||||
} else if (!X509v3_addr_is_canonical(ext)) {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x509_local.h,v 1.10 2023/10/11 13:05:18 tb Exp $ */
|
||||
/* $OpenBSD: x509_local.h,v 1.11 2023/11/01 20:37:42 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2013.
|
||||
*/
|
||||
|
@ -380,6 +380,8 @@ int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
|
|||
int name_cmp(const char *name, const char *cmp);
|
||||
|
||||
int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md);
|
||||
int X509_ALGOR_set0_by_nid(X509_ALGOR *alg, int nid, int parameter_type,
|
||||
void *parameter_value);
|
||||
|
||||
int X509_policy_check(const STACK_OF(X509) *certs,
|
||||
const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags,
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue