History log of /openbsd-current/lib/libcrypto/x509/x509_trs.c
Revision Date Author Comments
# 1.55 26-Mar-2024 tb

x509 trust: remove unneeded headers


# 1.54 25-Mar-2024 tb

Final tweaks in x509_trs.c for now

looked over by jsing


# 1.53 25-Mar-2024 tb

Kill X509_TRUST

After peeling off enough layers, the entire wacky abstraction turns out
to be nothing but dispatching from a trust_id to a trust handler and
passing the appropriate nid and the cert.

ok beck jsing


# 1.52 25-Mar-2024 tb

Add back trust member of X509_TRUST that I accidentally deleted


# 1.51 25-Mar-2024 tb

Const correct the trust handlers

The certificates no longer need to be modified since we cache the
extensions up front.

ok beck


# 1.50 25-Mar-2024 tb

Pass the nid instead of the entire trust structure

This code is so ridiculously overengineered that it is an achievement even
by early OpenSSL standards.

ok beck


# 1.49 25-Mar-2024 tb

Pull extension caching into X509_check_trust()

This way the trust handlers can stop modifying the certificates.

ok beck


# 1.48 24-Mar-2024 tb

Rename ax into aux


# 1.47 24-Mar-2024 tb

Drop redundant NULL checks around two for loops

ok beck


# 1.46 24-Mar-2024 tb

Rename arg1 to nid because that's what it is

"Yeah, arg1 is always such an imaginative name" ian
ok beck


# 1.45 24-Mar-2024 tb

Drop the unused 'name' member from X509_TRUST

This used to be exposed via an accessor, but this accessor is no longer
part of the library, so nuke it.

ok beck


# 1.44 23-Mar-2024 tb

Remove unused flags and arg2 members from X509_TRUST

ok jsing


# 1.43 23-Mar-2024 tb

Remove unused flags argument from the trust handlers

The public X509_check_trust() takes a flag parameter which we must leave
in place. However, we can stop passing the flag parameter around without
ever looking at it.

ok jsing


Revision tags: OPENBSD_7_5_BASE
# 1.42 02-Mar-2024 tb

Remove X509_TRUST from the public API

With API and other users internal, this struct can now go.

ok jsing


# 1.41 02-Mar-2024 tb

Remove unused public X509_TRUST API

Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.

ok jsing


# 1.40 13-Jan-2024 tb

Prepare for removing most of the X509_TRUST API

X509_check_trust() is of course used by the verifier. Unfortunately
M2Crypto exposes it. The only other parts of the X509_TRUST API that
are still needed are the X509_TRUST_* macros in x509.h, as they are
used via *_set_trust and indirectly via the purpose stuff. The rest
will be removed.

X509_TRUST_add() was defanged recently, in particular it no longer
hangs strdup()'ed strings off the global struct. Nothing ever cleaned
these up. TRUST_cleanup() attempted to do so, but since it checked
the dynamic/dynamic strings flags in the wrong order, that cleanup
call ended up doing nothing, so that code was removed at some point.

As a consequence, the struct can now be made const. Use a CTASSERT()
to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and
X509_TRUST_MIN hold true.

Remove the global variable underlying X509_TRUST_set_default()'s
functionality and move its accessor down to all the other functions
that will be deleted.

Inline a few things in X509_check_trust(), so we can excise the
internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the
default trust function can no longer be changed, call obj_trust()
directly.

ok jsing


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenance release, APIs appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.54 25-Mar-2024 tb

Final tweaks in x509_trs.c for now

looked over by jsing


# 1.53 25-Mar-2024 tb

Kill X509_TRUST

After peeling off enough layers, the entire wacky abstraction turns out
to be nothing but dispatching from a trust_id to a trust handler and
passing the appropriate nid and the cert.

ok beck jsing


# 1.52 25-Mar-2024 tb

Add back trust member of X509_TRUST that I accidentally deleted


# 1.51 25-Mar-2024 tb

Const correct the trust handlers

The certificates no longer need to be modified since we cache the
extensions up front.

ok beck


# 1.50 25-Mar-2024 tb

Pass the nid instead of the entire trust structure

This code is so ridiculously overengineered that it is an achievement even
by early OpenSSL standards.

ok beck


# 1.49 25-Mar-2024 tb

Pull extension caching into X509_check_trust()

This way the trust handlers can stop modifying the certificates.

ok beck


# 1.48 24-Mar-2024 tb

Rename ax into aux


# 1.47 24-Mar-2024 tb

Drop redundant NULL checks around two for loops

ok beck


# 1.46 24-Mar-2024 tb

Rename arg1 to nid because that's what it is

"Yeah, arg1 is always such an imaginative name" ian
ok beck


# 1.45 24-Mar-2024 tb

Drop the unused 'name' member from X509_TRUST

This used to be exposed via an accessor, but this accessor is no longer
part of the library, so nuke it.

ok beck


# 1.44 23-Mar-2024 tb

Remove unused flags and arg2 members from X509_TRUST

ok jsing


# 1.43 23-Mar-2024 tb

Remove unused flags argument from the trust handlers

The public X509_check_trust() takes a flag parameter which we must leave
in place. However, we can stop passing the flag parameter around without
ever looking at it.

ok jsing


Revision tags: OPENBSD_7_5_BASE
# 1.42 02-Mar-2024 tb

Remove X509_TRUST from the public API

With API and other users internal, this struct can now go.

ok jsing


# 1.41 02-Mar-2024 tb

Remove unused public X509_TRUST API

Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.

ok jsing


# 1.40 13-Jan-2024 tb

Prepare for removing most of the X509_TRUST API

X509_check_trust() is of course used by the verifier. Unfortunately
M2Crypto exposes it. The only other part of the X509_TRUST API that
are still needed are the X509_TRUST_* macros in x509.h, as they are
used via *_set_trust and indirectly via the purpose stuff. The rest
will be removed.

X509_TRUST_add() was defanged recently, in particular it no longer
hangs strdup()'ed strings off the global struct. Nothing ever cleaned
these up. TRUST_cleanup() attempted to do so, but since it checked
the dynamic/dynamic strings flags in the wrong order, that cleanup
call ended up doing nothing, so that code was removed at some point.

As a consequence, the struct can now be made const. Use a CTASSERT()
to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and
X509_TRUST_MIN hold true.

Remove the global variable underlying X509_TRUST_set_default()'s
functionality and move its accessor down to all the other functions
that will be deleted.

Inline a few things in X509_check_trust(), so we can excise the
internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the
default trust function can no longer be changed, call obj_trust()
directly.

ok jsing


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugsfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenence release, API's appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.46 24-Mar-2024 tb

Rename arg1 to nid because that's what it is

"Yeah, arg1 is always such an imaginative name" ian
ok beck


# 1.45 24-Mar-2024 tb

Drop the unused 'name' member from X509_TRUST

This used to be exposed via an accessor, but this accessor is no longer
part of the library, so nuke it.

ok beck


# 1.44 23-Mar-2024 tb

Remove unused flags and arg2 members from X509_TRUST

ok jsing


# 1.43 23-Mar-2024 tb

Remove unused flags argument from the trust handlers

The public X509_check_trust() takes a flag parameter which we must leave
in place. However, we can stop passing the flag parameter around without
ever looking at it.

ok jsing


Revision tags: OPENBSD_7_5_BASE
# 1.42 02-Mar-2024 tb

Remove X509_TRUST from the public API

With API and other users internal, this struct can now go.

ok jsing


# 1.41 02-Mar-2024 tb

Remove unused public X509_TRUST API

Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.

ok jsing


# 1.40 13-Jan-2024 tb

Prepare for removing most of the X509_TRUST API

X509_check_trust() is of course used by the verifier. Unfortunately
M2Crypto exposes it. The only other part of the X509_TRUST API that
are still needed are the X509_TRUST_* macros in x509.h, as they are
used via *_set_trust and indirectly via the purpose stuff. The rest
will be removed.

X509_TRUST_add() was defanged recently, in particular it no longer
hangs strdup()'ed strings off the global struct. Nothing ever cleaned
these up. TRUST_cleanup() attempted to do so, but since it checked
the dynamic/dynamic strings flags in the wrong order, that cleanup
call ended up doing nothing, so that code was removed at some point.

As a consequence, the struct can now be made const. Use a CTASSERT()
to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and
X509_TRUST_MIN hold true.

Remove the global variable underlying X509_TRUST_set_default()'s
functionality and move its accessor down to all the other functions
that will be deleted.

Inline a few things in X509_check_trust(), so we can excise the
internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the
default trust function can no longer be changed, call obj_trust()
directly.

ok jsing


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugsfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenence release, API's appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.42 02-Mar-2024 tb

Remove X509_TRUST from the public API

With API and other users internal, this struct can now go.

ok jsing


# 1.41 02-Mar-2024 tb

Remove unused public X509_TRUST API

Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.

ok jsing


# 1.40 13-Jan-2024 tb

Prepare for removing most of the X509_TRUST API

X509_check_trust() is of course used by the verifier. Unfortunately
M2Crypto exposes it. The only other parts of the X509_TRUST API that
are still needed are the X509_TRUST_* macros in x509.h, as they are
used via *_set_trust and indirectly via the purpose stuff. The rest
will be removed.

X509_TRUST_add() was defanged recently, in particular it no longer
hangs strdup()'ed strings off the global struct. Nothing ever cleaned
these up. TRUST_cleanup() attempted to do so, but since it checked
the dynamic/dynamic strings flags in the wrong order, that cleanup
call ended up doing nothing, so that code was removed at some point.

As a consequence, the struct can now be made const. Use a CTASSERT()
to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and
X509_TRUST_MIN hold true.

Remove the global variable underlying X509_TRUST_set_default()'s
functionality and move its accessor down to all the other functions
that will be deleted.

Inline a few things in X509_check_trust(), so we can excise the
internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the
default trust function can no longer be changed, call obj_trust()
directly.

ok jsing


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenance release, APIs appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.40 13-Jan-2024 tb

Prepare for removing most of the X509_TRUST API

X509_check_trust() is of course used by the verifier. Unfortunately
M2Crypto exposes it. The only other part of the X509_TRUST API that
are still needed are the X509_TRUST_* macros in x509.h, as they are
used via *_set_trust and indirectly via the purpose stuff. The rest
will be removed.

X509_TRUST_add() was defanged recently, in particular it no longer
hangs strdup()'ed strings off the global struct. Nothing ever cleaned
these up. TRUST_cleanup() attempted to do so, but since it checked
the dynamic/dynamic strings flags in the wrong order, that cleanup
call ended up doing nothing, so that code was removed at some point.

As a consequence, the struct can now be made const. Use a CTASSERT()
to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and
X509_TRUST_MIN hold true.

Remove the global variable underlying X509_TRUST_set_default()'s
functionality and move its accessor down to all the other functions
that will be deleted.

Inline a few things in X509_check_trust(), so we can excise the
internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the
default trust function can no longer be changed, call obj_trust()
directly.

ok jsing


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugsfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenence release, API's appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.39 10-Jan-2024 tb

X509_TRUST: tidy up includes


# 1.38 10-Jan-2024 tb

X509_TRUST: group together all trust_*() functions

Now they are next to the trstandard[] table and listed in the order they
appear in the table.


# 1.37 10-Jan-2024 tb

X509_TRUST: hoist trust_compat() to the other end of the file


# 1.36 10-Jan-2024 tb

X509_TRUST: start shuffling some code around

Hoist obj_trust() to the top and move the static default_trust() next
to its setter.


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugsfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenence release, API's appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_realloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenance release, APIs appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs


# 1.35 08-Jan-2024 tb

Fix logic error (&& -> ||)

CID 477172


# 1.34 07-Jan-2024 tb

purpose/trust: Improve comments about COUNT/MAX confusion


# 1.33 07-Jan-2024 tb

Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing


Revision tags: OPENBSD_7_4_BASE
# 1.32 02-Jul-2023 tb

Convert some tables to C99 initializers

ok & "happy pirate day" beck


Revision tags: OPENBSD_7_3_BASE
# 1.31 16-Feb-2023 tb

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# 1.30 26-Nov-2022 tb

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


# 1.29 17-Nov-2022 beck

Revert "Check certificate extensions in trusted certificates"

There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it

ok tb@


# 1.28 14-Nov-2022 beck

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1.27 13-Nov-2022 beck

Check certificate extensions in trusted certificates.

Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.

OpenSSL changed to checking these with :
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500

BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)


# 1.26 10-Nov-2022 beck

Allow explicit cert trusts or distrusts for EKU any

This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500

ok jsing@ tb@


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
# 1.25 01-Nov-2021 tb

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


Revision tags: OPENBSD_7_0_BASE
# 1.24 23-Jul-2021 schwarze

Similar to x509/x509_purp.c rev. 1.5:
Delete some code from X509_TRUST_cleanup(3) that had no effect:
it called a function on static objects that returns right away
unless the argument is dynamically allocated.
Pointed out by tb@.

This commit is identical to:

OpenSSL commit 5e6e650d62af09f47d63bfdd6c92e3b16e9da644
Author: Kurt Cancemi <kurt at x64architecture dot com>
Date: Thu Jun 9 21:57:36 2016 -0400


Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
# 1.23 18-May-2018 tb

Add const qualifiers to the name and xp arguments of X509_TRUST_add(3),
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).

tested in a bulk build by sthen
ok jsing


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
# 1.22 29-Jan-2017 beck

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 1.21 06-Nov-2016 beck

The upcoming x509 alt chains diff tightens the trust requirements
for certificates. This (from OpenSSL) ensures that the current
"default" behaviour remains the same. We should revisit this
later
ok jsing@


# 1.20 10-Feb-2015 jsing

Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.


# 1.19 06-Dec-2014 doug

Avoid modifying input on failure in X509_(TRUST|PURPOSE)_add.

If X509_TRUST_add() or X509_PURPOSE_add() fail, they will leave the
object in an inconsistent state since the name is already freed.
This commit avoids changing the original name unless the *_add() call
will succeed.

Based on BoringSSL's commit: ab2815eaff6219ef57aedca2f7b1b72333c27fd0

ok miod@


# 1.18 18-Nov-2014 tedu

further BUF_strdup conversion: these places should be safe to rely on
the function argument not being NULL


# 1.17 16-Oct-2014 beck

Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.


# 1.16 28-Sep-2014 miod

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,
for it may be NULL. Do not leak memory upon error.

ok bcook@


# 1.15 11-Jul-2014 jsing

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@


# 1.14 12-Jun-2014 deraadt

tags as requested by miod and tedu


# 1.13 20-Apr-2014 jsing

More KNF.


# 1.12 20-Apr-2014 jsing

KNF.


# 1.11 18-Apr-2014 tedu

blunt force knf


# 1.10 17-Apr-2014 beck

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_realloc->realloc
OPENSSL_freeFunc->free


# 1.9 01-Oct-2010 djm

resolve conflicts, fix local changes


# 1.8 09-Jan-2009 djm

resolve conflicts


# 1.7 06-Sep-2008 djm

resolve conflicts


# 1.6 11-Nov-2003 markus

merge 0.9.7c; minor bugfixes;
API addition: ERR_release_err_state_table
[make includes before you build libssl/libcrypto]


# 1.5 15-May-2002 beck

OpenSSL 0.9.7 stable 2002 05 08 merge


# 1.4 01-Aug-2001 beck

merge openssl 0.9.6b-engine

Note that this is a maintenance release, APIs appear *not* to have changed.
As such, I have only increased the minor number on these libraries


# 1.3 15-Dec-2000 beck

openssl-engine-0.9.6 merge


# 1.2 15-Apr-2000 beck

OpenSSL 0.9.5a merge


# 1.1 19-Mar-2000 beck

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

