openssl/crypto/x509
Matt Caswell e4142ec43b Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.

Fixes: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
build.info x509_trs.c: rename to x509_trust.c and correct comment in trust_compat() 2021-06-08 07:47:18 +02:00
by_dir.c Fix corruption when searching for CRLs in hashed directories 2023-01-24 11:23:17 +11:00
by_file.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
by_store.c crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
ext_dat.h Update copyright year 2021-04-08 13:04:41 +01:00
pcy_cache.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pcy_data.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pcy_lib.c Fix safestack issues in x509v3.h 2020-09-13 11:09:45 +01:00
pcy_local.h x509: excessive resource use verifying policy constraints 2023-03-22 11:24:45 +11:00
pcy_map.c x509: fix double locking problem 2022-12-08 11:10:58 +01:00
pcy_node.c x509: excessive resource use verifying policy constraints 2023-03-22 11:24:45 +11:00
pcy_tree.c x509: excessive resource use verifying policy constraints 2023-03-22 11:24:45 +11:00
standard_exts.h Update copyright year 2021-04-08 13:04:41 +01:00
t_crl.c Update copyright year 2021-05-06 13:03:23 +01:00
t_req.c Add X509 version constants. 2021-04-28 11:40:06 +02:00
t_x509.c Update copyright year 2022-05-03 13:34:51 +01:00
v3_addr.c Fix coverity issues in X509v3_addr 2022-11-21 12:41:25 +01:00
v3_admis.c Fix incorrect error return value in i2r_ADMISSION_SYNTAX() 2023-01-19 14:15:19 +01:00
v3_admis.h
v3_akeya.c
v3_akid.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_asid.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_bcons.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_bitst.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_conf.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_cpols.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_crld.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_enum.c Update copyright year 2021-04-08 13:04:41 +01:00
v3_extku.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_genn.c Fix GENERAL_NAME_cmp for x400Address (master) 2023-02-07 17:05:10 +01:00
v3_ia5.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_info.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_int.c Update copyright year 2021-04-08 13:04:41 +01:00
v3_ist.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_lib.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_ncons.c Fix type confusion in nc_match_single() 2023-02-07 17:05:10 +01:00
v3_pci.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_pcia.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
v3_pcons.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_pku.c Update copyright year 2021-04-08 13:04:41 +01:00
v3_pmaps.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_prn.c Fix safestack issues in conf.h 2020-09-13 11:11:20 +01:00
v3_purp.c x509/v3_purp.c: rename 'require_ca' parameters to the more adequate 'non_leaf' 2022-11-18 15:10:01 +01:00
v3_san.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_skid.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_sxnet.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_tlsf.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_utf8.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3_utl.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
v3err.c Update copyright year 2022-05-03 13:34:51 +01:00
x509_att.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_cmp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_d2.c Fix the checks of X509_LOOKUP_* functions 2022-06-23 12:42:25 +02:00
x509_def.c Add support for loading root CAs from Windows crypto API 2022-09-14 14:10:18 +01:00
x509_err.c x509_att.c: improve error checking and reporting and coding style 2022-08-24 11:25:04 +02:00
x509_ext.c
x509_local.h Update copyright year 2021-04-08 13:04:41 +01:00
x509_lu.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_meth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_obj.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_r2x.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_req.c Fix regression in i2d_re_X509_REQ_tbs() 2022-10-05 16:12:38 +02:00
x509_set.c first cut at sigalg loading 2023-02-24 11:02:48 +11:00
x509_trust.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509_txt.c doc/man3/X509_STORE_CTX_get_error.pod: make order consistent, add some missing entries 2023-03-15 08:32:18 +11:00
x509_v3.c Refine the documents of several APIs 2022-12-16 18:59:28 +01:00
x509_vfy.c Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs 2023-03-28 13:31:38 +02:00
x509_vpm.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509cset.c X509{,_CRL,_REVOKED}_{set,sign}*(): fix 'modified' field and return values 2023-01-24 15:16:25 +01:00
x509name.c Refine the documents of several APIs 2022-12-16 18:59:28 +01:00
x509rset.c
x509spki.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
x509type.c Update copyright year 2021-06-17 13:24:59 +01:00
x_all.c APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given 2023-01-24 15:16:47 +01:00
x_attrib.c Fix NULL pointer access caused by X509_ATTRIBUTE_create() 2020-12-21 15:25:59 +01:00
x_crl.c crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
x_exten.c
x_name.c x509: fix -Wunused-but-set-variable 2022-10-21 15:56:32 +02:00
x_pubkey.c Do not create DSA keys without parameters by decoder 2023-02-07 17:05:10 +01:00
x_req.c crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
x_x509.c crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
x_x509a.c Update copyright year 2021-07-29 15:41:35 +01:00