1. 31 May, 2020 2 commits
    • Daiki Ueno's avatar
      x509: trigger fallback verification path when cert is expired · cdf075e7
      Daiki Ueno authored
      gnutls_x509_trust_list_verify_crt2 use the macro SIGNER_OLD_OR_UNKNOWN
      to trigger the fallback verification path if the signer of the last
      certificate is not in the trust store.  Previously, it doesn't take
      into account of the condition where the certificate is expired.
      Signed-off-by: Daiki Ueno's avatarDaiki Ueno <[email protected]>
      cdf075e7
    • Daiki Ueno's avatar
      _gnutls_pkcs11_verify_crt_status: check validity against system cert · 299bd4f1
      Daiki Ueno authored
      To verify a certificate chain, this function replaces known
      certificates with the ones in the system trust store if possible.
      
      However, if it is found, the function checks the validity of the
      original certificate rather than the certificate found in the trust
      store.  That reveals a problem in a scenario that (1) a certificate is
      signed by multiple issuers and (2) one of the issuers' certificate has
      expired and included in the input chain.
      
      This patch makes it a little robuster by actually retrieving the
      certificate from the trust store and perform check against it.
      Signed-off-by: Daiki Ueno's avatarDaiki Ueno <[email protected]>
      299bd4f1
  2. 30 May, 2020 8 commits
  3. 29 May, 2020 1 commit
    • Daiki Ueno's avatar
      gnulib: update git submodule · 5b4989dc
      Daiki Ueno authored
      This brings in the new fopen-gnu module and the RF_SENSITIVE flag for
      fread_file and read_file.  This also adds the following changes to be
      consistent with the latest changes in Gnulib:
      - the callers of fread_file and read_file to be adjusted for the FLAGS
        argument
      - "attribute.h" needs to be used extensively
      Signed-off-by: Daiki Ueno's avatarDaiki Ueno <[email protected]>
      5b4989dc
  4. 28 May, 2020 1 commit
  5. 27 May, 2020 6 commits
  6. 26 May, 2020 3 commits
  7. 25 May, 2020 2 commits
  8. 24 May, 2020 5 commits
  9. 20 May, 2020 3 commits
  10. 18 May, 2020 1 commit
  11. 17 May, 2020 1 commit
  12. 15 May, 2020 1 commit
  13. 14 May, 2020 6 commits