Improve certificate version checks in x509v3_cache_extensions()
author tb <tb@openbsd.org>
Tue, 20 Jun 2023 14:21:19 +0000 (14:21 +0000)
committer tb <tb@openbsd.org>
Tue, 20 Jun 2023 14:21:19 +0000 (14:21 +0000)
commit e857c54f12ffaa162a0e320c14c1e5771611d383
tree c8e2621344f4b59db9b3f4e94fdb12f8f63a9619
parent 8b753e6b20ccac03bd28e47adebd2ff0ffd1c425
Improve certificate version checks in x509v3_cache_extensions()

Only allow version v1-v3, disallow issuerUID and subjectUID in v1 certs
and require that if X509v3 extensions are present that the cert be v3.

Initial diff from job

ok job jsing
lib/libcrypto/x509/x509_purp.c
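
The three rules in the commit message, applied directly to a DER-encoded TBSCertificate. This is an added example, not the code from this commit or from x509_purp.c. The function names, error codes and constructed byte arrays are hypothetical, and the walker only inspects top-level tags.

```c
#include <stddef.h>
#include <stdint.h>
enum { CERT_OK, ERR_PARSE, ERR_VERSION, ERR_UID_IN_V1, ERR_EXT_NOT_V3 };
/* Read one DER tag/length header; on success *p points at the value. */
static int der_hdr(const uint8_t **p, const uint8_t *end, uint8_t *tag, size_t *len)
{
    if (end - *p < 2) return -1;
    *tag = *(*p)++;
    size_t n = *(*p)++;
    if (n & 0x80) {                       /* long form, at most 2 length bytes */
        size_t cnt = n & 0x7f;
        if (cnt == 0 || cnt > 2 || (size_t)(end - *p) < cnt) return -1;
        for (n = 0; cnt > 0; cnt--) n = (n << 8) | *(*p)++;
    }
    if ((size_t)(end - *p) < n) return -1;
    *len = n;
    return 0;
}

/* Apply the three rules from the commit message to a DER TBSCertificate. */
int check_tbs_version(const uint8_t *tbs, size_t tbs_len)
{
    const uint8_t *p = tbs, *end = tbs + tbs_len;
    uint8_t tag; size_t len;
    int version = 0, has_uid = 0, has_ext = 0, first = 1; /* no [0] => v1 */
    if (der_hdr(&p, end, &tag, &len) != 0 || tag != 0x30) return ERR_PARSE;
    for (end = p + len; p < end; p += len, first = 0) {
        if (der_hdr(&p, end, &tag, &len) != 0) return ERR_PARSE;
        if (first && tag == 0xA0) {       /* [0] EXPLICIT INTEGER version */
            if (len != 3 || p[0] != 0x02 || p[1] != 0x01) return ERR_VERSION;
            version = p[2];
        }
        if (tag == 0x81 || tag == 0x82) has_uid = 1;  /* issuerUID, subjectUID */
        if (tag == 0xA3) has_ext = 1;                 /* [3] extensions */
    }
    if (version > 2) return ERR_VERSION;  /* v1..v3 are encoded as 0..2 */
    if (version == 0 && has_uid) return ERR_UID_IN_V1;
    if (version != 2 && has_ext) return ERR_EXT_NOT_V3;
    return CERT_OK;
}

/* Constructed skeletons with empty inner fields, not real certificates. */
#define BODY 0x02,0x01,0x01, 0x30,0x00, 0x30,0x00, 0x30,0x00, 0x30,0x00, 0x30,0x00
static const uint8_t v1_ext[] = { 0x30,0x11, BODY, 0xA3,0x02,0x30,0x00 };
static const uint8_t v1_uid[] = { 0x30,0x11, BODY, 0x81,0x02,0x00,0x01 };
static const uint8_t v3_ext[] = { 0x30,0x16, 0xA0,0x03,0x02,0x01,0x02, BODY, 0xA3,0x02,0x30,0x00 };
static const uint8_t v4[] = { 0x30,0x12, 0xA0,0x03,0x02,0x01,0x03, BODY };

int main(void) { return check_tbs_version(v3_ext, sizeof v3_ext) != CERT_OK; }
```

The version field is zero-based on the wire, so a v3 certificate carries the INTEGER 2 and an absent `[0]` field means v1.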