projects / platform / core / security / security-manager.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 307df57) | patch
Fix app-defined privileges certificate verification 79/297979/1
authorDariusz Michaluk <d.michaluk@samsung.com>
Tue, 29 Aug 2023 09:30:50 +0000 (11:30 +0200)
committerDariusz Michaluk <d.michaluk@samsung.com>
Tue, 29 Aug 2023 10:10:18 +0000 (12:10 +0200)
commitf8b013590dea435e41b178c0e28138c535ac37db
tree0389622b3a0bdbecf7b3e217aa65e4dea517c6batree | snapshot
parent307df57ad6034721f514d16b70e79eca4d8294a4commit | diff
Fix app-defined privileges certificate verification

Since OpenSSL 3.0 a number of additional checks introduced to X509_verify_cert()
according to requirements in RFC 5280 in case X509_V_FLAG_X509_STRICT is set.
For example, the basicConstraints of CA certificates must be marked critical.

This checks cause verification failure for not well-formed certificates.
Having backward compatibility in mind, it's better to disable strict checking
than replacing all broken certificates in applications.

Change-Id: I8c6cb50be7c36ff7ef3d5c221dd4f066c2626be6
src/license-manager/agent/agent_logic.cpp diff | blob | history
Domain: Security / Access Control;