History log of /openbsd-src/lib/libcrypto/x509/x509_lib.c (Results 1 – 24 of 24)
Revision Date Author Comments
# 8b5faa71 13-Jul-2024 tb <tb@openbsd.org>

Unify X.509v3 extension methods

Use C99 initializers for all structs (some were forgotten).
Make all the structs static, call them x509v3_ext_* matching NID_*.
Add accessors called x509v3_ext_method_* and use these to implement
X509V3_EXT_get_nid().

This adds consistency and avoids a few contortions like grouping
a few extensions in arrays to save a couple externs.

ok beck jsing


# fd1d0ae5 17-Jun-2024 tb <tb@openbsd.org>

Replace x with x509_exts in X509V3_add1_i2d() and X509V3_get_d2i()

requested by jsing on review


# 0e6355d3 17-Jun-2024 tb <tb@openbsd.org>

Rewrite X509V3_get_d2i()

Rewrite X509V3_get_d2i()

This API is wrapped by nine *_get{,1}_ext_d2i() functions and they all
have the same defect: if an idx variable is passed in, multiple extensions
are handled incorrectly.

Clean up the mess that was the current implementation by replacing the
reimplementation of X509v3_get_ext_by_NID() with extra twists by actual
calls to the real thing. This way the madness is implemented explicitly
and can be explained in comments. The code still gets shorter.

In brief: always call this API with a known nid, pass crit, and a NULL idx.
If NULL is returned, crit != -1 is an error (malformed cert or allocation
failure).

ok jsing


# 10903369 28-May-2024 tb <tb@openbsd.org>

Clean up and fix X509V3_EXT_add1_i2d()

Clean up and fix X509V3_EXT_add1_i2d()

When looking at this code I noticed a few leaks. Fixing those leaks
was straightforward, but following the code was really hard.

This attempts to make the logic a bit clearer. In short, there are
6 mutually exclusive modes for this function (passed in the variable
aptly called flags). The default mode is to append the extension of
type nid and to error if such an extension already exists. Then there
are other modes with varying degree of madness.

The existing code didn't make X509V3_ADD_REPLACE explicit, which is
confusing. Operations 6-15 would all be treated like X509V3_ADD_REPLACE
due to the way the function was written. Handle the supported operations
via a switch and error for operations 6-15. This and the elimination
of leaks are the only changes of behavior, as validated by relatively
extensive test coverage.

ok jsing


# ac522c4f 11-May-2024 tb <tb@openbsd.org>

Move X509V3_add_standard_extensions out of the way

Move X509V3_add_standard_extensions out of the way

This function is only used by OpenLDAP and it's been a noop since
forever. It has no business to be squeezed in between a number of
other, quite unrelated functions. It's distracting.


# f4b64d97 11-May-2024 tb <tb@openbsd.org>

Make two NULL checks more explicit


# bb6d6b69 11-May-2024 tb <tb@openbsd.org>

Unwrap a line


# d633ad37 02-Mar-2024 tb <tb@openbsd.org>

Remove X509V3_EXT extensibility API

Remove X509V3_EXT extensibility API

You used to be able to define your own X.509 extension handlers. Great.
Even greater: the verifier would ignore any custom extensions. So this
was only ever useful for serialization and deserialization. In other
words, almost entirely pointless. The API was also unused except for
a hack in kore-acme, which was fixed recently.

ok jsing


# df60383b 25-Jan-2024 tb <tb@openbsd.org>

This table no longer needs to be sorted


# c984dda7 25-Jan-2024 tb <tb@openbsd.org>

Remove the custom X509v3 extensions stack

Remove the custom X509v3 extensions stack

This is essentially unused. The only consumer, www/kore-acme, is in the
process of being fixed. It is also incomplete: in particular, the verifier
doesn't learn about extensions added to the list, making the entire
exercise rather pointless. So let's ditch that crap.

This was the last consumer of the horror that is OBJ_bsearch_().
The even worse OBJ_bsearch_ex_() is still being "used" by M2Crypto...

This prepares the removal of X509V3_EXT_{add{,_list,_alias},cleanup}()
and removes another piece of thread-unsafe global state.

ok jsing


# d1390f7f 25-Apr-2023 tb <tb@openbsd.org>

Remove v3_sxnet from the standard extensions


# bc2f4775 17-Apr-2023 tb <tb@openbsd.org>

Add missing const qualifiers to the v3_* externs

ok jsing


# 6183e740 16-Apr-2023 tb <tb@openbsd.org>

Shuffle ext_cmp() and ext_list_free() up a bit


# f1843f45 16-Apr-2023 tb <tb@openbsd.org>

Remove unnecessary prototypes in the middle of the code

In addition, ext_cmp() was already prototyped earlier...


# e6919dae 16-Apr-2023 tb <tb@openbsd.org>

Use more usual version of inlined nitems(). No binary change.


# b1d78d1a 16-Apr-2023 tb <tb@openbsd.org>

Fix comment formatting and grammar, drop useless and outdated comment


# 0a5a9b23 16-Apr-2023 tb <tb@openbsd.org>

Merge ext_dat.h back into x509_lib.c

There is no point in having this in a separate internal header.

discussed with jsing


# cedac418 16-Feb-2023 tb <tb@openbsd.org>

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing


# c9675a23 26-Nov-2022 tb <tb@openbsd.org>

Make internal header file names consistent

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 06d31337 14-Nov-2022 beck <beck@openbsd.org>

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 1a8fb6a1 24-Jul-2022 tb <tb@openbsd.org>

Plug leak in X509V3_add1_i2d()

Do not leak the extension that was deleted from the stack.

via OpenSSL c3efe5c9.

ok jsing


# 838f0b6d 01-Nov-2021 tb <tb@openbsd.org>

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing


# 59493766 14-Sep-2020 beck <beck@openbsd.org>

Fix potential leak when tmpext fails to be added to
the extension list.

found by llvm static analyzer
ok tb@


# e500e238 04-Jun-2020 jsing <jsing@openbsd.org>

Collapse the x509v3 directory into x509.

Collapse the x509v3 directory into x509.

This avoids the need to grep across directories to find functions and
prepares for further rototilling and chainsawing.

Discussed with tb@ (who also tested the release build)
