artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7afcfc7) | patch
Drop policy printing from openssl
authortb <tb@openbsd.org>
Fri, 14 Apr 2023 15:27:13 +0000 (15:27 +0000)
committertb <tb@openbsd.org>
Fri, 14 Apr 2023 15:27:13 +0000 (15:27 +0000)
commitd8c45d2137234a476f4bce17bdca3ae5ca8b133b
tree396edbdde56d779500cf393ea15eb9b478d9a2a6tree | snapshot
parent7afcfc7d2a073532a6dfc81e3916d1f86dc73456commit | diff
Drop policy printing from openssl

Nothing really uses the policy tree. It's desgined with built-in DoS
capabilities directly from the RFC. It will be removed from the attack
surface and replaced with something equivalent that doesn't grow
exponentially with the depth.

This removes the only reason the policy tree itself ever leaked out of
the library.

ok jsing
usr.bin/openssl/apps.c diff | blob | history
usr.bin/openssl/apps.h diff | blob | history
usr.bin/openssl/cms.c diff | blob | history
usr.bin/openssl/s_cb.c diff | blob | history
usr.bin/openssl/smime.c diff | blob | history
usr.bin/openssl/verify.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim