public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Ivan Stanković e599893a9f x509: allow SAN URIs to contain userinfo 
The way we're currently handling SAN URIs does not allow for userinfo,
meaning the name constraint check on such URIs will fail. Fix this by
skipping over the userinfo component:

      authority   = [ userinfo "@" ] host [ ":" port ]

(per RFC 3986).

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25861)
2025-03-04 17:30:34 +01:00
..
aes fix windows calling convention in aesni-xts-avx512 2025-02-27 08:31:16 -05:00
aria Change loops conditions to make zero loop risk more obvious. 2022-05-24 14:11:20 +10:00
asn1 SLH-DSA: Remove legacy ASN1 method tables for SLH-DSA. Update to use 2025-02-18 10:17:29 +01:00
async one more empty line for code style consistency 2024-12-06 15:27:51 +01:00
bf Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
bio Fix read out of buffer bounds when dealing with BIO_ADDR 2025-02-25 15:55:46 +01:00
bn Fix the checks of factor_size/modulus_bitsize 2025-02-10 15:14:33 +08:00
buffer Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
camellia Copyright year updates 2024-09-05 09:35:49 +02:00
cast Copyright year updates 2023-09-07 09:59:15 +01:00
chacha LoongArch: Fix output file name detection for Perl scripts 2025-02-14 11:35:23 +01:00
cmac Add FIPS indicator to CMAC. 2024-07-31 09:04:17 +10:00
cmp Fix potential leak in error path in cert_response() 2025-02-25 15:48:50 +01:00
cms Fix libctx passing for CMS PWRI use 2025-03-03 09:26:44 +01:00
comp Copyright year updates 2023-09-07 09:59:15 +01:00
conf Check returns of various sk_*_push functions 2025-01-08 11:11:00 +01:00
crmf CMP: add support for central key generation 2025-01-27 08:56:46 +01:00
ct Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
des Copyright year updates 2024-09-05 09:35:49 +02:00
dh Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:58:08 +01:00
dsa Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:58:08 +01:00
dso Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:58:08 +01:00
ec Fix memory leak in ecdsa_keygen_knownanswer_test 2025-02-19 09:30:25 -05:00
encode_decode Further decoder tuning possibly better perf 2025-03-02 02:04:09 +11:00
engine Open pem files in binary mode 2025-01-28 20:57:14 +01:00
err Move ssl_err.c into libcrypto 2025-03-01 14:46:03 -05:00
ess Copyright year updates 2024-09-05 09:35:49 +02:00
evp Fix libctx passing for CMS PWRI use 2025-03-03 09:26:44 +01:00
ffc ffc: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define 2024-11-28 15:13:35 +01:00
hashtable Rename fnv1a_hash() to ossl_fnv1a_hash() 2025-02-25 15:45:42 +01:00
hmac s390x: Disable HMAC hardware acceleration when an engine is used for the digest 2024-09-03 21:15:00 +02:00
hpke Fix potential memory leak in OSSL_HPKE_CTX_new() 2024-10-30 11:58:16 +00:00
http x509: allow SAN URIs to contain userinfo 2025-03-04 17:30:34 +01:00
idea Copyright year updates 2024-09-05 09:35:49 +02:00
kdf
lhash Copyright year updates 2024-04-09 13:43:26 +02:00
md2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md4 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md5 LoongArch: Fix output file name detection for Perl scripts 2025-02-14 11:35:23 +01:00
mdc2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
ml_dsa More seed and private key checks for ML-DSA 2025-02-25 12:49:49 +11:00
ml_kem Configurable import-time PCT for ML-KEM 2025-02-20 18:21:40 +11:00
modes Allow 0 length plaintext and aad for aes-siv 2025-02-26 12:21:08 +01:00
objects SLH_DSA: Make apps.c do_X509_REQ_verify() call work correctly. 2025-02-18 10:17:29 +01:00
ocsp Check returns of various sk_*_push functions 2025-01-08 11:11:00 +01:00
pem Further decoder tuning possibly better perf 2025-03-02 02:04:09 +11:00
perlasm SPARC assembly: Don't file aes-cbc on T4 with small sizes. 2025-02-14 11:42:35 +01:00
pkcs7 Adds missing checks of return from XXX_up_ref(). 2025-02-18 16:32:59 +01:00
pkcs12 Fix potential memory leak in PKCS12_add_key_ex() 2025-01-06 21:32:50 +01:00
poly1305 [poly1305][aarch64] Extend address range by adrp + add 2025-02-13 09:51:37 +01:00
property Do not call BIO_printf() from FIPS_MODULE 2025-02-18 16:31:45 +01:00
rand rand: avoid property query manipulations 2025-02-14 17:08:42 +01:00
rc2 Copyright year updates 2023-09-07 09:59:15 +01:00
rc4 Copyright year updates 2023-09-07 09:59:15 +01:00
rc5 Copyright year updates 2023-09-07 09:59:15 +01:00
ripemd Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
rsa Fix potential memory leaks in error paths in ossl_rsa_multiprime_derive() 2025-02-25 15:36:43 +01:00
seed Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
sha Make it able to run asm code on OpenBSD (arm64) 2025-01-14 12:14:27 +01:00
siphash crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
slh_dsa SLH-DSA - restrict keygen seed length to exact value of 3*n 2025-02-22 22:46:44 +11:00
sm2 sm2_sig_verify(): Do not call BN_CTX_end() without BN_CTX_start() 2024-11-21 11:13:56 +01:00
sm3 [sm3][aarch64] Move constant to .rodata section 2025-02-13 09:51:37 +01:00
sm4 [vpsm4_ex][aarch64] Move constant to .rodata section 2025-02-13 09:51:37 +01:00
srp Fix potential double free through SRP_user_pwd_set1_ids() 2024-10-11 14:22:36 +02:00
stack Copyright year updates 2024-04-09 13:43:26 +02:00
store Further decoder tuning possibly better perf 2025-03-02 02:04:09 +11:00
thread Fix no-thread-pool build on Windows 2024-09-10 16:36:39 +02:00
ts Adds missing checks of return from XXX_up_ref(). 2025-02-18 16:32:59 +01:00
txt_db Copyright year updates 2023-09-07 09:59:15 +01:00
ui Fix Edge Cases in Password Callback Handling 2024-09-09 08:58:03 +02:00
whrlpool Copyright year updates 2024-09-05 09:35:49 +02:00
x509 x509: allow SAN URIs to contain userinfo 2025-03-04 17:30:34 +01:00
alphacpuid.pl
arm64cpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
arm_arch.h Copyright year updates 2024-04-09 13:43:26 +02:00
armcap.c Enable AES and SHA3 optimisations on Apple Silicon M4-based macOS systems 2024-11-22 14:56:04 +01:00
armv4cpuid.pl Mark OPENSSL_armcap_P .hidden in arm asm 2024-11-22 11:22:00 +01:00
asn1_dsa.c Update copyright year 2021-04-08 13:04:41 +01:00
bsearch.c
build.info Move ssl_err.c into libcrypto 2025-03-01 14:46:03 -05:00
c64xpluscpuid.pl
comp_methods.c Move stack of compression methods from libssl to OSSL_LIB_CTX 2024-05-28 08:56:13 +02:00
context.c Expanding trace of providers algorithms fetching/caching/etc 2025-01-27 09:07:48 +01:00
core_algorithm.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
core_fetch.c Expanding trace of providers algorithms fetching/caching/etc 2025-01-27 09:07:48 +01:00
core_namemap.c Optimize ossl_namemap_name2num_n to avoid strndup 2025-02-26 13:32:59 -05:00
cpt_err.c Use the new hashtable for core_namemap 2024-08-21 15:21:26 +02:00
cpuid.c Extension of OPENSSL_ia32cap to accommodate additional CPUID bits 2024-12-13 14:51:22 +01:00
cryptlib.c Copyright year updates 2023-09-07 09:59:15 +01:00
ctype.c Copyright year updates 2023-09-07 09:59:15 +01:00
cversion.c Revert API change of OPENSSL_version() 2024-10-17 13:36:58 +02:00
defaults.c Fix typos found by codespell 2024-08-07 19:09:43 +02:00
der_writer.c der_writer: Use uint32_t instead of long. 2022-06-27 10:58:40 +02:00
deterministic_nonce.c Copyright year updates 2024-09-05 09:35:49 +02:00
dllmain.c Update copyright year 2022-05-03 13:34:51 +01:00
ebcdic.c
ex_data.c Fix error handling in CRYPTO_get_ex_new_index 2023-09-21 14:43:08 +02:00
getenv.c Update copyright year 2022-05-03 13:34:51 +01:00
ia64cpuid.S
indicator_core.c Add FIPS indicator callback. 2024-07-11 08:29:43 +10:00
info.c Extension of OPENSSL_ia32cap to accommodate additional CPUID bits 2024-12-13 14:51:22 +01:00
init.c Move ssl_err.c into libcrypto 2025-03-01 14:46:03 -05:00
initthread.c Recycle the TLS key that holds thread_event_handler 2024-09-05 17:19:53 +02:00
loongarch64cpuid.pl LoongArch: Fix output file name detection for Perl scripts 2025-02-14 11:35:23 +01:00
loongarch_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
loongarchcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_nyi.c
LPdir_unix.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
mem.c Use static array (length 256) for copy of OPENSSL_MALLOC_FAILURES 2024-11-28 17:01:28 +01:00
mem_clr.c
mem_sec.c Copyright year updates 2024-09-05 09:35:49 +02:00
mips_arch.h
o_dir.c Update copyright year 2022-05-03 13:34:51 +01:00
o_fopen.c Copyright year updates 2024-09-05 09:35:49 +02:00
o_init.c Update copyright year 2022-05-03 13:34:51 +01:00
o_str.c crypto: factorize to hex chars conversion code. 2024-08-07 19:25:10 +02:00
o_time.c Update copyright year 2021-03-11 13:27:36 +00:00
packet.c Copyright year updates 2023-09-07 09:59:15 +01:00
param_build.c params: drop INT_MAX checks 2023-12-29 10:21:10 +01:00
param_build_set.c ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs 2023-10-18 18:07:13 +02:00
params.c Don't promise a non-zero return size in error cases. 2025-01-21 17:21:52 +11:00
params_dup.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
params_from_text.c Make ossl_trace_param_values an official api function 2024-11-19 08:38:25 -05:00
params_idx.c.in params: provide a faster TRIE based param lookup. 2023-06-02 15:13:20 +10:00
pariscid.pl
passphrase.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ppccap.c Copyright year updates 2024-09-05 09:35:49 +02:00
ppccpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
provider.c ossl_provider_prov_ctx is redundant 2025-01-28 20:10:44 +11:00
provider_child.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_conf.c Support CLI and API setting of provider configuration parameters 2025-01-18 03:46:37 +11:00
provider_core.c fips-jitter: Force use jitter entropy in the FIPS 3.0.9 provider callback 2025-02-25 14:45:57 -05:00
provider_local.h make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
provider_predefined.c make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
punycode.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_vlint.c QUIC: Enable building with QUIC support disabled 2023-01-13 13:20:16 +00:00
rcu_internal.h Copyright year updates 2024-04-09 13:43:26 +02:00
README-sparse_array.md
riscv32cpuid.pl Copyright year updates 2024-09-05 09:35:49 +02:00
riscv64cpuid.pl riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
riscvcap.c riscv: add dl_hwcap for capability detection 2025-02-25 12:01:59 +01:00
s390x_arch.h s390x: Don't probe crypto cards for ME/CRT offloading during initialization 2024-10-23 15:07:01 +02:00
s390xcap.c s390x: Don't probe crypto cards for ME/CRT offloading during initialization 2024-10-23 15:07:01 +02:00
s390xcpuid.pl Copyright year updates 2024-09-05 09:35:49 +02:00
self_test_core.c Copyright year updates 2024-09-05 09:35:49 +02:00
sleep.c For Unix, refactor OSSL_sleep() to use nanosleep() instead of usleep() 2024-05-22 09:59:32 +02:00
sparccpuid.S
sparcv9cap.c Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
sparse_array.c Copyright year updates 2024-09-05 09:35:49 +02:00
ssl_err.c Move ssl_err.c into libcrypto 2025-03-01 14:46:03 -05:00
sslerr.h Move ssl_err.c into libcrypto 2025-03-01 14:46:03 -05:00
threads_lib.c Define threads_lib.c functions only for OPENSSL_SYS_UNIX 2022-11-14 07:47:53 +00:00
threads_none.c threads: follow formatting rules 2024-09-05 17:09:50 +02:00
threads_pthread.c Revert wrong macos RCU fix 2025-02-25 10:38:26 +01:00
threads_win.c Don't use __ATOMIC_ACQ_REL on older compilers 2025-02-16 15:09:03 -05:00
time.c crypto: fix missing <winsock.h> indirection inclusion. 2024-09-05 17:02:51 +02:00
trace.c Add a QUERY trace category 2024-11-19 08:36:19 -05:00
uid.c Copyright year updates 2023-09-07 09:59:15 +01:00
vms_rms.h
x86_64cpuid.pl Remove unnecessary flag clearance in crypto/x86_64cpuid.pl 2025-02-10 15:14:33 +08:00
x86cpuid.pl Extension of OPENSSL_ia32cap to accommodate additional CPUID bits 2024-12-13 14:51:22 +01:00