author: June McEnroe <june@causal.agency> 2020-07-31 22:53:27 -0400
committer: June McEnroe <june@causal.agency> 2020-07-31 23:10:51 -0400
commit: a6df11f2bbd2c9cdf4a8f16d93d8a56c8f41c68d
tree: aa5fe01a11fa67f1dea2f3116f41a1684219542d /include/compat
parent: tls_config: Replace constant with X509_get_default_cert_file()

tls: Call SSL_CTX_set_default_verify_paths by default
This removes the hard dependency on a CA bundle file existing in the
default path (which seems to not be the case on Debian, for example),
but results in a subtle behaviour change: if the CA bundle file does not
exist, the CA directory will be used instead, rather than failing hard.

I believe the only reason libtls insists on loading a CA bundle file
itself is so that it can be sandboxed afterwards, given that a file is
loaded all at once while a directory is only loaded as needed. If the
default CA bundle file exists, SSL_CTX_set_default_verify_paths will
still immediately load it, so sandboxing will still work. If it doesn't
exist, then the CA directory will be used, which will work well for
unsandboxed applications, but will likely fail during verification as it
tries to search the directory. Either way, if the CA bundle file does
not exist, a sandboxed application will not work. Enabling the use of
the CA directory, however, will allow more unsandboxed applications to
work.

Finally, to restore the original behaviour, an application can call
tls_config_set_ca_file(3) with the path returned by
tls_default_ca_cert_file(3).
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions
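
A pre-sandbox check for the situation the commit message describes, as an added example that is not libretls code: it reports whether the CA bundle file is present (loaded in full at configuration time) or only the CA directory (read during verification). `classify_trust`, `sandbox_preflight` and `run_demo` are hypothetical names, and the paths in `run_demo` are a constructed temporary directory; a real caller would pass its own default bundle and directory paths.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum trust_mode {
    TRUST_EAGER_FILE, /* bundle file present: read in full at configuration time */
    TRUST_LAZY_DIR,   /* directory only: entries are read during verification */
    TRUST_NONE        /* neither path is usable */
};

/* Predict which source would be used, following the order in the commit message. */
enum trust_mode classify_trust(const char *ca_file, const char *ca_dir)
{
    struct stat st;
    if (ca_file && stat(ca_file, &st) == 0 && S_ISREG(st.st_mode) &&
        access(ca_file, R_OK) == 0)
        return TRUST_EAGER_FILE;
    if (ca_dir && stat(ca_dir, &st) == 0 && S_ISDIR(st.st_mode) &&
        access(ca_dir, R_OK | X_OK) == 0)
        return TRUST_LAZY_DIR;
    return TRUST_NONE;
}

/* 0 when filesystem access can be dropped after configuration, -1 otherwise. */
int sandbox_preflight(const char *ca_file, const char *ca_dir)
{
    return classify_trust(ca_file, ca_dir) == TRUST_EAGER_FILE ? 0 : -1;
}

/* Constructed scenario: a CA directory without, then with, a bundle file. */
int run_demo(void)
{
    char dir[] = "/tmp/ca-demo-XXXXXX", file[64];
    int before, after;
    FILE *f;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(file, sizeof(file), "%s/cert.pem", dir);
    before = classify_trust(file, dir);   /* directory only */
    if ((f = fopen(file, "w")) != NULL)   /* empty placeholder bundle */
        fclose(f);
    after = classify_trust(file, dir);    /* bundle file now present */
    unlink(file);
    rmdir(dir);
    return (before == TRUST_LAZY_DIR && after == TRUST_EAGER_FILE) ? 0 : 1;
}

int main(void) { return run_demo(); }
```

A sandboxed application would call `sandbox_preflight` before dropping filesystem access and exit with an error on -1, rather than failing later during certificate verification.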