зеркало из https://github.com/mozilla/gecko-dev.git
4401954b60
In bug 1056341 we introduced a search budget to mozilla::pkix to attempt to work around the problem of having an extremely large search space given a set of certificates all with the same subject and issuer distinguished names but different public keys. In the end, though, there is probably no good value to choose for the budget that is small enough to run quickly on the wide range of hardware our users have and yet is large enough that we're confident won't break someone's complicated pki setup (looking at you, the US federal government). To address this, use the observation that as long as an intermediate can't *add* information necessary to build a certificate chain (e.g. stapled SCTs), we should never need a self-signed intermediate (as in, its own key verifies the signature on it and its subject and issuer distinguished names are identical) to build a trusted chain (since the exact same chain without that intermediate should be valid). Given this, we simply skip all self-signed non-trust anchor CA certificates during path building. Differential Revision: https://phabricator.services.mozilla.com/D31368 --HG-- extra : moz-landing-system : lando |
||
|---|---|---|
| .. | ||
| tests/gtest | ||
| BRNameMatchingPolicy.cpp | ||
| BRNameMatchingPolicy.h | ||
| CertVerifier.cpp | ||
| CertVerifier.h | ||
| ExtendedValidation.cpp | ||
| ExtendedValidation.h | ||
| NSSCertDBTrustDomain.cpp | ||
| NSSCertDBTrustDomain.h | ||
| OCSPCache.cpp | ||
| OCSPCache.h | ||
| OCSPVerificationTrustDomain.cpp | ||
| OCSPVerificationTrustDomain.h | ||
| TrustOverride-AppleGoogleDigiCertData.inc | ||
| TrustOverride-GlobalSignData.inc | ||
| TrustOverride-StartComAndWoSignData.inc | ||
| TrustOverride-SymantecData.inc | ||
| TrustOverride-TestImminentDistrustData.inc | ||
| TrustOverrideUtils.h | ||
| moz.build | ||