summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--neon/neon-config.in5
-rw-r--r--neon/src/.splintrc4
-rw-r--r--neon/src/ne_alloc.h23
-rw-r--r--neon/src/ne_openssl.c22
-rw-r--r--neon/src/ne_request.c3
-rw-r--r--neon/src/ne_session.h2
-rw-r--r--neon/src/ne_socket.c10
-rw-r--r--neon/src/ne_socket.h4
-rw-r--r--neon/src/ne_ssl.h16
-rw-r--r--neon/test/ca1.pem8
-rw-r--r--neon/test/ca2.pem8
-rw-r--r--neon/test/ca3.pem6
-rw-r--r--neon/test/ca4.pem6
-rw-r--r--neon/test/calist.pem28
-rw-r--r--neon/test/chain.pem28
15 files changed, 104 insertions, 69 deletions
diff --git a/neon/neon-config.in b/neon/neon-config.in
index 8db113cc5..764f57c16 100644
--- a/neon/neon-config.in
+++ b/neon/neon-config.in
@@ -71,11 +71,6 @@ while test $# -gt 0; do
--libs)
LIBS="-lneon @NEON_LIBS@"
- # Don't add standard library paths
- case "${libdir}" in
- /usr/lib|/lib) ;;
- *) LIBS="-L${libdir} ${LIBS}" ;;
- esac
echo @user_LDFLAGS@ ${LIBS}
;;
diff --git a/neon/src/.splintrc b/neon/src/.splintrc
index 89328bdcd..b8cf4cca6 100644
--- a/neon/src/.splintrc
+++ b/neon/src/.splintrc
@@ -1,4 +1,4 @@
--I. -I.. -I../../expat/lib -I../../zlib -DHAVE_CONFIG_H -D_LARGFILE_SOURCE
+-I. -I.. -I../../expat/lib -I../../zlib -DHAVE_CONFIG_H -D_LARGFILE_SOURCE -D__i386__ -DINT_MAX=0x7fffffffL -DSHRT_MAX=0x7fff
+partial
+forcehints
@@ -31,6 +31,7 @@
-infloops # 1
-infloopsuncon # 1
-initallelements # 3
+-matchfields
-mayaliasunique # 4
-modfilesys # 12
-modnomods # 1
@@ -56,6 +57,7 @@
-immediatetrans # 5
-kepttrans # 5
-observertrans # 5
+-onlytrans
-readonlytrans # 1
-statictrans # 1
-temptrans # 46
diff --git a/neon/src/ne_alloc.h b/neon/src/ne_alloc.h
index 64e7e0612..19fdb062a 100644
--- a/neon/src/ne_alloc.h
+++ b/neon/src/ne_alloc.h
@@ -42,11 +42,24 @@ void ne_oom_callback(void (*callback)(void))
* neon will abort(); calling an OOM callback beforehand if one is
* registered. The C library will only ever return NULL if the
* operating system does not use optimistic memory allocation. */
-void *ne_malloc(size_t size) ne_attribute_malloc;
-void *ne_calloc(size_t size) ne_attribute_malloc;
-void *ne_realloc(void *ptr, size_t s) ne_attribute_malloc;
-char *ne_strdup(const char *s) ne_attribute_malloc;
-char *ne_strndup(const char *s, size_t n) ne_attribute_malloc;
+/*@mayexit@*/ /*@only@*/ /*@out@*/
+void *ne_malloc(size_t size) ne_attribute_malloc
+ /*@globals errno @*/
+ /*@ensures maxSet(result) == (size - 1) @*/
+ /*@modifies errno @*/;
+/*@mayexit@*/ /*@only@*/
+void *ne_calloc(size_t size) ne_attribute_malloc
+ /*@*/;
+/*@mayexit@*/ /*@only@*/
+void *ne_realloc(void *ptr, size_t size) ne_attribute_malloc
+ /*@ensures maxSet(result) == (size - 1) @*/
+ /*@modifies *ptr @*/;
+/*@mayexit@*/ /*@only@*/
+char *ne_strdup(const char *s) ne_attribute_malloc
+ /*@*/;
+/*@mayexit@*/ /*@only@*/
+char *ne_strndup(const char *s, size_t n) ne_attribute_malloc
+ /*@*/;
#define ne_free free
#endif
diff --git a/neon/src/ne_openssl.c b/neon/src/ne_openssl.c
index 99ee32811..8b43376e5 100644
--- a/neon/src/ne_openssl.c
+++ b/neon/src/ne_openssl.c
@@ -142,9 +142,11 @@ void ne_ssl_clicert_free(ne_ssl_client_cert *cc)
/* Map a server cert verification into a string. */
static void verify_err(ne_session *sess, int failures)
+ /*@modifies sess @*/
{
struct {
int bit;
+/*@observer@*/
const char *str;
} reasons[] = {
{ NE_SSL_NOTYETVALID, N_("certificate is not yet valid") },
@@ -170,6 +172,7 @@ static void verify_err(ne_session *sess, int failures)
/* Format an ASN1 time to a string. 'buf' must be at least of size
* 'NE_SSL_VDATELEN'. */
static void asn1time_to_string(ASN1_TIME *tm, char *buf)
+ /*@modifies buf @*/
{
BIO *bio;
@@ -197,6 +200,7 @@ void ne_ssl_cert_validity(const ne_ssl_certificate *cert,
* used for session (hostname). (Wildcard matching is no longer
* mandated by RFC3280, but certs are deployed which use wildcards) */
static int match_hostname(char *cn, const char *hostname)
+ /*@modifies cn @*/
{
const char *dot;
NE_DEBUG(NE_DBG_SSL, "Match %s on %s...\n", cn, hostname);
@@ -219,7 +223,9 @@ static int match_hostname(char *cn, const char *hostname)
* identity does not match, or <0 if the certificate had no identity.
* If 'identity' is non-NULL, store the malloc-allocated identity in
* *identity. */
+/*@-modunconnomods@*/
static int check_identity(const char *hostname, X509 *cert, char **identity)
+ /*@modifies *identity @*/
{
STACK_OF(GENERAL_NAME) *names;
int match = 0, found = 0;
@@ -300,9 +306,12 @@ static int check_identity(const char *hostname, X509 *cert, char **identity)
match ? "good" : "bad");
return match ? 0 : 1;
}
+/*@=modunconnomods@*/
/* Populate an ne_ssl_certificate structure from an X509 object. */
+/*@-modunconnomods@*/
static ne_ssl_certificate *populate_cert(ne_ssl_certificate *cert, X509 *x5)
+ /*@modifies cert @*/
{
cert->subj_dn.dn = X509_get_subject_name(x5);
cert->issuer_dn.dn = X509_get_issuer_name(x5);
@@ -313,9 +322,12 @@ static ne_ssl_certificate *populate_cert(ne_ssl_certificate *cert, X509 *x5)
check_identity("", x5, &cert->identity);
return cert;
}
+/*@=modunconnomods@*/
/* Return a linked list of certificate objects from an OpenSSL chain. */
+/*@-modunconnomods@*/
static ne_ssl_certificate *make_chain(STACK_OF(X509) *chain)
+ /*@*/
{
int n, count = sk_X509_num(chain);
ne_ssl_certificate *top = NULL, *current = NULL;
@@ -341,9 +353,12 @@ static ne_ssl_certificate *make_chain(STACK_OF(X509) *chain)
return top;
}
+/*@=modunconnomods@*/
/* Verifies an SSL server certificate. */
+/*@-modunconnomods@*/
static int check_certificate(ne_session *sess, SSL *ssl, ne_ssl_certificate *chain)
+ /*@modifies sess @*/
{
X509 *cert = chain->subject;
ASN1_TIME *notBefore = X509_get_notBefore(cert);
@@ -413,9 +428,11 @@ static int check_certificate(ne_session *sess, SSL *ssl, ne_ssl_certificate *cha
return ret;
}
+/*@=modunconnomods@*/
/* Duplicate a client certificate, which must be in the decrypted state. */
static ne_ssl_client_cert *dup_client_cert(const ne_ssl_client_cert *cc)
+ /*@modifies cc @*/
{
ne_ssl_client_cert *newcc = ne_calloc(sizeof *newcc);
@@ -432,7 +449,9 @@ static ne_ssl_client_cert *dup_client_cert(const ne_ssl_client_cert *cc)
}
/* Callback invoked when the SSL server requests a client certificate. */
+/*@-modunconnomods@*/
static int provide_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey)
+ /*@modifies *cert, *pkey @*/
{
ne_ssl_context *ctx = SSL_get_app_data(ssl);
ne_session *sess = SSL_CTX_get_app_data(ctx->ctx);
@@ -476,6 +495,7 @@ static int provide_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey)
return 0;
}
}
+/*@=modunconnomods@*/
void ne_ssl_set_clicert(ne_session *sess, const ne_ssl_client_cert *cc)
{
@@ -659,6 +679,7 @@ void ne_ssl_trust_default_ca(ne_session *sess)
/* Find a friendly name in a PKCS12 structure the hard way, without
* decrypting the parts which are encrypted.. */
+/*@-modunconnomods@*/
static char *find_friendly_name(PKCS12 *p12)
{
STACK_OF(PKCS7) *safes = PKCS12_unpack_authsafes(p12);
@@ -690,6 +711,7 @@ static char *find_friendly_name(PKCS12 *p12)
sk_PKCS7_pop_free(safes, PKCS7_free);
return name;
}
+/*@=modunconnomods@*/
ne_ssl_client_cert *ne_ssl_clicert_read(const char *filename)
{
diff --git a/neon/src/ne_request.c b/neon/src/ne_request.c
index 5c1a64746..7ca535398 100644
--- a/neon/src/ne_request.c
+++ b/neon/src/ne_request.c
@@ -1374,7 +1374,8 @@ ne_session *ne_get_session(const ne_request *req)
/* Create a CONNECT tunnel through the proxy server.
* Returns HTTP_* */
static int proxy_tunnel(ne_session *sess)
- /*@*/
+ /*@globals internalState @*/
+ /*@modifies sess, internalState @*/
{
/* Hack up an HTTP CONNECT request... */
ne_request *req;
diff --git a/neon/src/ne_session.h b/neon/src/ne_session.h
index 56469e0ad..53de58639 100644
--- a/neon/src/ne_session.h
+++ b/neon/src/ne_session.h
@@ -142,7 +142,7 @@ void ne_ssl_set_verify(ne_session *sess, ne_ssl_verify_fn fn, void *userdata)
/* Use the given client certificate for the session. The client cert
* MUST be in the decrypted state, otherwise behaviour is undefined. */
void ne_ssl_set_clicert(ne_session *sess, const ne_ssl_client_cert *clicert)
- /*@modifies sess @*/;
+ /*@modifies sess, clicert @*/;
/* Indicate that the certificate 'cert' is trusted; 'cert' is
* duplicated internally and may be destroyed at will. */
diff --git a/neon/src/ne_socket.c b/neon/src/ne_socket.c
index 0503c302f..2157c193c 100644
--- a/neon/src/ne_socket.c
+++ b/neon/src/ne_socket.c
@@ -525,7 +525,7 @@ static const struct iofns iofns_raw = { read_raw, write_raw, readable_raw };
#ifdef HAVE_OPENSSL
/* OpenSSL I/O function implementations. */
static int readable_ossl(ne_socket *sock, int secs)
- /*@*/
+ /*@modifies sock @*/
{
if (SSL_pending(sock->ssl))
return 0;
@@ -534,7 +534,7 @@ static int readable_ossl(ne_socket *sock, int secs)
/* SSL error handling, according to SSL_get_error(3). */
static int error_ossl(ne_socket *sock, int sret)
- /*@*/
+ /*@modifies sock @*/
{
int err = SSL_get_error(sock->ssl, sret), ret = NE_SOCK_ERROR;
const char *str;
@@ -576,8 +576,9 @@ static int error_ossl(ne_socket *sock, int sret)
* accidentally passing a negative number, etc. */
#define CAST2INT(n) (((n) > INT_MAX) ? INT_MAX : (n))
+/*@-mustmod@*/
static ssize_t read_ossl(ne_socket *sock, char *buffer, size_t len)
- /*@*/
+ /*@modifies sock, buffer @*/
{
int ret;
@@ -590,9 +591,10 @@ static ssize_t read_ossl(ne_socket *sock, char *buffer, size_t len)
return ret;
}
+/*@=mustmod@*/
static ssize_t write_ossl(ne_socket *sock, const char *data, size_t len)
- /*@*/
+ /*@modifies sock @*/
{
int ret, ilen = CAST2INT(len);
ret = SSL_write(sock->ssl, data, ilen);
diff --git a/neon/src/ne_socket.h b/neon/src/ne_socket.h
index eeb244974..a306c9a2f 100644
--- a/neon/src/ne_socket.h
+++ b/neon/src/ne_socket.h
@@ -212,12 +212,12 @@ int ne_service_lookup(const char *name)
/* Negotiate an SSL connection on socket as an SSL server, using given
* SSL context. */
int ne_sock_accept_ssl(ne_socket *sock, ne_ssl_context *ctx)
- /*@*/;
+ /*@modifies sock, ctx @*/;
/* Negotiate an SSL connection on socket as an SSL client, using given
* SSL context. */
int ne_sock_connect_ssl(ne_socket *sock, ne_ssl_context *ctx)
- /*@*/;
+ /*@modifies sock, ctx @*/;
END_NEON_DECLS
diff --git a/neon/src/ne_ssl.h b/neon/src/ne_ssl.h
index 11fa4e539..3094b061a 100644
--- a/neon/src/ne_ssl.h
+++ b/neon/src/ne_ssl.h
@@ -106,7 +106,7 @@ int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest)
* least NE_SSL_VDATELEN bytes in length. */
void ne_ssl_cert_validity(const ne_ssl_certificate *cert,
char *from, char *until)
- /*@*/;
+ /*@modifies from, until @*/;
/* Returns zero if 'c1' and 'c2' refer to the same certificate, or
* non-zero otherwise. */
@@ -115,8 +115,8 @@ int ne_ssl_cert_cmp(const ne_ssl_certificate *c1,
/*@*/;
/* Deallocate memory associated with certificate. */
-void ne_ssl_cert_free(ne_ssl_certificate *cert)
- /*@*/;
+void ne_ssl_cert_free(/*@only@*/ ne_ssl_certificate *cert)
+ /*@modifies cert @*/;
/* A client certificate (and private key). */
typedef struct ne_ssl_client_cert_s ne_ssl_client_cert;
@@ -142,7 +142,7 @@ int ne_ssl_clicert_encrypted(const ne_ssl_client_cert *ccert)
* again with a different password. For a ccert on which _encrypted()
* returns 0, calling _decrypt results in undefined behaviour. */
int ne_ssl_clicert_decrypt(ne_ssl_client_cert *ccert, const char *password)
- /*@*/;
+ /*@modifies ccert @*/;
/* Return the actual certificate part of the client certificate (never
* returns NULL). */
@@ -150,8 +150,8 @@ const ne_ssl_certificate *ne_ssl_clicert_owner(const ne_ssl_client_cert *ccert)
/*@*/;
/* Deallocate memory associated with a client certificate. */
-void ne_ssl_clicert_free(ne_ssl_client_cert *ccert)
- /*@*/;
+void ne_ssl_clicert_free(/*@only@*/ ne_ssl_client_cert *ccert)
+ /*@modifies ccert @*/;
/* SSL context object. The interfaces to manipulate an SSL context
@@ -184,8 +184,8 @@ int ne_ssl_context_set_verify(ne_ssl_context *ctx, int required,
/*@*/;
/* Destroy an SSL context. */
-void ne_ssl_context_destroy(ne_ssl_context *ctx)
- /*@*/;
+void ne_ssl_context_destroy(/*@only@*/ ne_ssl_context *ctx)
+ /*@modifies ctx @*/;
END_NEON_DECLS
diff --git a/neon/test/ca1.pem b/neon/test/ca1.pem
index a52ebe44b..32f25291a 100644
--- a/neon/test/ca1.pem
+++ b/neon/test/ca1.pem
@@ -3,13 +3,13 @@ MIICQTCCAeugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnzELMAkGA1UEBhMCR0Ix
FTATBgNVBAgTDExpbmNvbG5zaGlyZTEQMA4GA1UEBxMHTGluY29sbjERMA8GA1UE
ChMIQ0FzIEx0ZC4xGDAWBgNVBAsTD0ZpcnN0IFJhbmRvbSBDQTEaMBgGA1UEAxMR
Zmlyc3QuZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9y
-ZzAeFw0wNDEwMjkxMzEzNDdaFw0wNzA0MTcxMzEzNDdaMIGfMQswCQYDVQQGEwJH
+ZzAeFw0wNDExMDExNTAzMTNaFw0wNzA0MjAxNTAzMTNaMIGfMQswCQYDVQQGEwJH
QjEVMBMGA1UECBMMTGluY29sbnNoaXJlMRAwDgYDVQQHEwdMaW5jb2xuMREwDwYD
VQQKEwhDQXMgTHRkLjEYMBYGA1UECxMPRmlyc3QgUmFuZG9tIENBMRowGAYDVQQD
ExFmaXJzdC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYu
b3JnMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPNFTmxnz4JZA+8+SonD0qWgSBPY
WrNlH1FP+psm5EGZGmGJGvSDsk6HkyvstdopKF50UuEaJ263IorAhkmdGG0CAwEA
-AaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAOvtDu4Cs6nj5DG1
-NG5gqCkrVWqvjSd1jzsxOJBoN9gk/d87rAzNCvK4dTkFf9btdRZwv5OZFJzKLcU8
-f7qzMnM=
+AaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAAqqk1T3oQdI5Wqy
+W3chgRhhIbbIs7t5pmhqKgsGuDajJf5SVwrKfm7UY9TRI9L0P8KiECoh3OvzxbsG
+txt298w=
-----END CERTIFICATE-----
diff --git a/neon/test/ca2.pem b/neon/test/ca2.pem
index d0708b993..3060b1464 100644
--- a/neon/test/ca2.pem
+++ b/neon/test/ca2.pem
@@ -3,13 +3,13 @@ MIICPzCCAemgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnjELMAkGA1UEBhMCR0Ix
ETAPBgNVBAgTCENvcm53YWxsMREwDwYDVQQHEwhGYWxtb3V0aDERMA8GA1UEChMI
Q0FzIEx0ZC4xGTAXBgNVBAsTEFNlY29uZCBSYW5kb20gQ0ExGzAZBgNVBAMTEnNl
Y29uZC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYub3Jn
-MB4XDTA0MTAyOTEzMTM0N1oXDTA3MDQxNzEzMTM0N1owgZ4xCzAJBgNVBAYTAkdC
+MB4XDTA0MTEwMTE1MDMxM1oXDTA3MDQyMDE1MDMxM1owgZ4xCzAJBgNVBAYTAkdC
MREwDwYDVQQIEwhDb3Jud2FsbDERMA8GA1UEBxMIRmFsbW91dGgxETAPBgNVBAoT
CENBcyBMdGQuMRkwFwYDVQQLExBTZWNvbmQgUmFuZG9tIENBMRswGQYDVQQDExJz
ZWNvbmQuZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9y
ZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDzRU5sZ8+CWQPvPkqJw9KloEgT2Fqz
ZR9RT/qbJuRBmRphiRr0g7JOh5Mr7LXaKShedFLhGidutyKKwIZJnRhtAgMBAAGj
-EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADQQANIBQyploOs1JrmzZu
-TATbjH6wsoEWdAUKs+UMuigRHskqK4j6PutoPWYFB+Ebxfh1miiaWS/KwFzWmPte
-iNeK
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADQQBp0fpX6RKUfZ58TAAp
+w0JHXYgWHOcz7VpxAxh95lHM5dZiFXWLfisrugIjMInpvQZuoP/Cem0XA2vj89Af
+d+zA
-----END CERTIFICATE-----
diff --git a/neon/test/ca3.pem b/neon/test/ca3.pem
index c445e497a..99b0fd918 100644
--- a/neon/test/ca3.pem
+++ b/neon/test/ca3.pem
@@ -3,12 +3,12 @@ MIICNzCCAeGgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCR0Ix
EDAOBgNVBAgTB1N1ZmZvbGsxEDAOBgNVBAcTB0lwc3dpY2gxETAPBgNVBAoTCENB
cyBMdGQuMRgwFgYDVQQLEw9UaGlyZCBSYW5kb20gQ0ExGjAYBgNVBAMTEXRoaXJk
LmV4YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwHhcN
-MDQxMDI5MTMxMzQ3WhcNMDcwNDE3MTMxMzQ3WjCBmjELMAkGA1UEBhMCR0IxEDAO
+MDQxMTAxMTUwMzEzWhcNMDcwNDIwMTUwMzEzWjCBmjELMAkGA1UEBhMCR0IxEDAO
BgNVBAgTB1N1ZmZvbGsxEDAOBgNVBAcTB0lwc3dpY2gxETAPBgNVBAoTCENBcyBM
dGQuMRgwFgYDVQQLEw9UaGlyZCBSYW5kb20gQ0ExGjAYBgNVBAMTEXRoaXJkLmV4
YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwXDANBgkq
hkiG9w0BAQEFAANLADBIAkEA80VObGfPglkD7z5KicPSpaBIE9has2UfUU/6mybk
QZkaYYka9IOyToeTK+y12ikoXnRS4RonbrciisCGSZ0YbQIDAQABoxAwDjAMBgNV
-HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAwL7CNh2/1USUCHz55X/5BmySC1UJ
-mImoh0DD0LocIQJUjGsScm3M8HXarGxl6Vfkklt/k2TMAy6YCTv+1/dazw==
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAS9S1VrowKJt9GIozWcsq1hD9XX+F
+h0m7o7WudpVzjMhhbU97DJ7p2XFz5sKNpyPwRhkFTJ4Zm5XSTEc8WcsWBw==
-----END CERTIFICATE-----
diff --git a/neon/test/ca4.pem b/neon/test/ca4.pem
index d08509a2e..a88f1383e 100644
--- a/neon/test/ca4.pem
+++ b/neon/test/ca4.pem
@@ -3,12 +3,12 @@ MIICOzCCAeWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnDELMAkGA1UEBhMCR0Ix
EDAOBgNVBAgTB05vcmZvbGsxEDAOBgNVBAcTB05vcndpY2gxETAPBgNVBAoTCENB
cyBMdGQuMRkwFwYDVQQLExBGb3VydGggUmFuZG9tIENBMRswGQYDVQQDExJmb3Vy
dGguZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9yZzAe
-Fw0wNDEwMjkxMzEzNDdaFw0wNzA0MTcxMzEzNDdaMIGcMQswCQYDVQQGEwJHQjEQ
+Fw0wNDExMDExNTAzMTNaFw0wNzA0MjAxNTAzMTNaMIGcMQswCQYDVQQGEwJHQjEQ
MA4GA1UECBMHTm9yZm9sazEQMA4GA1UEBxMHTm9yd2ljaDERMA8GA1UEChMIQ0Fz
IEx0ZC4xGTAXBgNVBAsTEEZvdXJ0aCBSYW5kb20gQ0ExGzAZBgNVBAMTEmZvdXJ0
aC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYub3JnMFww
DQYJKoZIhvcNAQEBBQADSwAwSAJBAPNFTmxnz4JZA+8+SonD0qWgSBPYWrNlH1FP
+psm5EGZGmGJGvSDsk6HkyvstdopKF50UuEaJ263IorAhkmdGG0CAwEAAaMQMA4w
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAMxApCvWUMkO47bO/Cpy6ow2
-BTb8BQW+NeSXV3EIlu1IPVJ9e1pcfTtVP5z5bseeUQSMcRWwEbV3Aie+a5xsT9Y=
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBADZrHP9K8nS2WFiVBQgzljbN
+aeP00s2BF/fBZjhqi94FmP07SHEcLBRuN+cK4J3ThuDOqc6C6cFjP/o+dfF1T2M=
-----END CERTIFICATE-----
diff --git a/neon/test/calist.pem b/neon/test/calist.pem
index 2ea2e13dd..b8d26539f 100644
--- a/neon/test/calist.pem
+++ b/neon/test/calist.pem
@@ -3,56 +3,56 @@ MIICQTCCAeugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnzELMAkGA1UEBhMCR0Ix
FTATBgNVBAgTDExpbmNvbG5zaGlyZTEQMA4GA1UEBxMHTGluY29sbjERMA8GA1UE
ChMIQ0FzIEx0ZC4xGDAWBgNVBAsTD0ZpcnN0IFJhbmRvbSBDQTEaMBgGA1UEAxMR
Zmlyc3QuZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9y
-ZzAeFw0wNDEwMjkxMzEzNDdaFw0wNzA0MTcxMzEzNDdaMIGfMQswCQYDVQQGEwJH
+ZzAeFw0wNDExMDExNTAzMTNaFw0wNzA0MjAxNTAzMTNaMIGfMQswCQYDVQQGEwJH
QjEVMBMGA1UECBMMTGluY29sbnNoaXJlMRAwDgYDVQQHEwdMaW5jb2xuMREwDwYD
VQQKEwhDQXMgTHRkLjEYMBYGA1UECxMPRmlyc3QgUmFuZG9tIENBMRowGAYDVQQD
ExFmaXJzdC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYu
b3JnMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPNFTmxnz4JZA+8+SonD0qWgSBPY
WrNlH1FP+psm5EGZGmGJGvSDsk6HkyvstdopKF50UuEaJ263IorAhkmdGG0CAwEA
-AaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAOvtDu4Cs6nj5DG1
-NG5gqCkrVWqvjSd1jzsxOJBoN9gk/d87rAzNCvK4dTkFf9btdRZwv5OZFJzKLcU8
-f7qzMnM=
+AaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAAqqk1T3oQdI5Wqy
+W3chgRhhIbbIs7t5pmhqKgsGuDajJf5SVwrKfm7UY9TRI9L0P8KiECoh3OvzxbsG
+txt298w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICPzCCAemgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnjELMAkGA1UEBhMCR0Ix
ETAPBgNVBAgTCENvcm53YWxsMREwDwYDVQQHEwhGYWxtb3V0aDERMA8GA1UEChMI
Q0FzIEx0ZC4xGTAXBgNVBAsTEFNlY29uZCBSYW5kb20gQ0ExGzAZBgNVBAMTEnNl
Y29uZC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYub3Jn
-MB4XDTA0MTAyOTEzMTM0N1oXDTA3MDQxNzEzMTM0N1owgZ4xCzAJBgNVBAYTAkdC
+MB4XDTA0MTEwMTE1MDMxM1oXDTA3MDQyMDE1MDMxM1owgZ4xCzAJBgNVBAYTAkdC
MREwDwYDVQQIEwhDb3Jud2FsbDERMA8GA1UEBxMIRmFsbW91dGgxETAPBgNVBAoT
CENBcyBMdGQuMRkwFwYDVQQLExBTZWNvbmQgUmFuZG9tIENBMRswGQYDVQQDExJz
ZWNvbmQuZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9y
ZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDzRU5sZ8+CWQPvPkqJw9KloEgT2Fqz
ZR9RT/qbJuRBmRphiRr0g7JOh5Mr7LXaKShedFLhGidutyKKwIZJnRhtAgMBAAGj
-EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADQQANIBQyploOs1JrmzZu
-TATbjH6wsoEWdAUKs+UMuigRHskqK4j6PutoPWYFB+Ebxfh1miiaWS/KwFzWmPte
-iNeK
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADQQBp0fpX6RKUfZ58TAAp
+w0JHXYgWHOcz7VpxAxh95lHM5dZiFXWLfisrugIjMInpvQZuoP/Cem0XA2vj89Af
+d+zA
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICNzCCAeGgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCR0Ix
EDAOBgNVBAgTB1N1ZmZvbGsxEDAOBgNVBAcTB0lwc3dpY2gxETAPBgNVBAoTCENB
cyBMdGQuMRgwFgYDVQQLEw9UaGlyZCBSYW5kb20gQ0ExGjAYBgNVBAMTEXRoaXJk
LmV4YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwHhcN
-MDQxMDI5MTMxMzQ3WhcNMDcwNDE3MTMxMzQ3WjCBmjELMAkGA1UEBhMCR0IxEDAO
+MDQxMTAxMTUwMzEzWhcNMDcwNDIwMTUwMzEzWjCBmjELMAkGA1UEBhMCR0IxEDAO
BgNVBAgTB1N1ZmZvbGsxEDAOBgNVBAcTB0lwc3dpY2gxETAPBgNVBAoTCENBcyBM
dGQuMRgwFgYDVQQLEw9UaGlyZCBSYW5kb20gQ0ExGjAYBgNVBAMTEXRoaXJkLmV4
YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwXDANBgkq
hkiG9w0BAQEFAANLADBIAkEA80VObGfPglkD7z5KicPSpaBIE9has2UfUU/6mybk
QZkaYYka9IOyToeTK+y12ikoXnRS4RonbrciisCGSZ0YbQIDAQABoxAwDjAMBgNV
-HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAwL7CNh2/1USUCHz55X/5BmySC1UJ
-mImoh0DD0LocIQJUjGsScm3M8HXarGxl6Vfkklt/k2TMAy6YCTv+1/dazw==
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAS9S1VrowKJt9GIozWcsq1hD9XX+F
+h0m7o7WudpVzjMhhbU97DJ7p2XFz5sKNpyPwRhkFTJ4Zm5XSTEc8WcsWBw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICOzCCAeWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnDELMAkGA1UEBhMCR0Ix
EDAOBgNVBAgTB05vcmZvbGsxEDAOBgNVBAcTB05vcndpY2gxETAPBgNVBAoTCENB
cyBMdGQuMRkwFwYDVQQLExBGb3VydGggUmFuZG9tIENBMRswGQYDVQQDExJmb3Vy
dGguZXhhbXBsZS5jb20xHjAcBgkqhkiG9w0BCQEWD25lb25Ad2ViZGF2Lm9yZzAe
-Fw0wNDEwMjkxMzEzNDdaFw0wNzA0MTcxMzEzNDdaMIGcMQswCQYDVQQGEwJHQjEQ
+Fw0wNDExMDExNTAzMTNaFw0wNzA0MjAxNTAzMTNaMIGcMQswCQYDVQQGEwJHQjEQ
MA4GA1UECBMHTm9yZm9sazEQMA4GA1UEBxMHTm9yd2ljaDERMA8GA1UEChMIQ0Fz
IEx0ZC4xGTAXBgNVBAsTEEZvdXJ0aCBSYW5kb20gQ0ExGzAZBgNVBAMTEmZvdXJ0
aC5leGFtcGxlLmNvbTEeMBwGCSqGSIb3DQEJARYPbmVvbkB3ZWJkYXYub3JnMFww
DQYJKoZIhvcNAQEBBQADSwAwSAJBAPNFTmxnz4JZA+8+SonD0qWgSBPYWrNlH1FP
+psm5EGZGmGJGvSDsk6HkyvstdopKF50UuEaJ263IorAhkmdGG0CAwEAAaMQMA4w
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBAMxApCvWUMkO47bO/Cpy6ow2
-BTb8BQW+NeSXV3EIlu1IPVJ9e1pcfTtVP5z5bseeUQSMcRWwEbV3Aie+a5xsT9Y=
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAANBADZrHP9K8nS2WFiVBQgzljbN
+aeP00s2BF/fBZjhqi94FmP07SHEcLBRuN+cK4J3ThuDOqc6C6cFjP/o+dfF1T2M=
-----END CERTIFICATE-----
diff --git a/neon/test/chain.pem b/neon/test/chain.pem
index fbaf061ac..f2a822fde 100644
--- a/neon/test/chain.pem
+++ b/neon/test/chain.pem
@@ -3,14 +3,14 @@ MIICNzCCAeGgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09ha2xhbmQxEDAOBgNVBAoT
B05lb3NpZ24xFDASBgNVBAsTC1JhbmRvbSBEZXB0MRwwGgYDVQQDExNub3doZXJl
LmV4YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwHhcN
-MDQxMDI5MTMxMzQ3WhcNMDcwNDE3MTMxMzQ3WjCBmjELMAkGA1UEBhMCVVMxEzAR
+MDQxMTAxMTUwMzEzWhcNMDcwNDIwMTUwMzEzWjCBmjELMAkGA1UEBhMCVVMxEzAR
BgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09ha2xhbmQxEDAOBgNVBAoTB05l
b3NpZ24xFDASBgNVBAsTC1JhbmRvbSBEZXB0MRwwGgYDVQQDExNub3doZXJlLmV4
YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwXDANBgkq
-hkiG9w0BAQEFAANLADBIAkEAxZZK/iqR8mWCs0u3A4Vz58fik0B2RpVLF8LFmXuu
-XCDNR4bjCwcOJpd+zpHrxb7LKaUYIA9Y3g1i90qylbgJBwIDAQABoxAwDjAMBgNV
-HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAEGXxwEqcoz3uXP6/7QqmMhxDhrce
-xAGgVRXo546dK9XW3/E6HL7vM+euPnsF/Anhjv5PSRG5pLTy2hDE+r/QuQ==
+hkiG9w0BAQEFAANLADBIAkEAulGu4rv1AMHc4Nbf/Nwi9a5Yi4cOM+hpUpkXQ7Bk
+uAB2r2xlX5F0bQdlItnOHRsCQ5HSFEVXeIr3OFn998cIiQIDAQABoxAwDjAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAJ4/6DGrb1MNN10RtYVc/gG8mEU64
+exTFjqe7lnmkGx/AJJ1oHM+YQ97rQyXppyYSARYO02bWJ3BRWPyy3jt1tg==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -19,8 +19,8 @@ Certificate:
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=California, L=Oakland, O=Neosign, OU=Random Dept, CN=nowhere.example.com/emailAddress=neon@webdav.org
Validity
- Not Before: Oct 29 13:13:48 2004 GMT
- Not After : Apr 17 13:13:48 2007 GMT
+ Not Before: Nov 1 15:03:13 2004 GMT
+ Not After : Apr 20 15:03:13 2007 GMT
Subject: C=GB, ST=Cambridgeshire, L=Cambridge, O=Neon Hackers Ltd, OU=Neon QA Dept, CN=localhost/emailAddress=neon@webdav.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,21 +36,21 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: md5WithRSAEncryption
- 7e:43:47:e7:a6:40:a3:c0:08:ac:79:15:8b:f3:6f:50:5b:27:
- a4:10:8d:61:b8:17:00:95:1e:bf:93:30:d6:19:99:b1:d6:a2:
- ef:25:b4:c8:c0:06:0b:84:05:af:ae:75:f1:01:6a:83:b9:01:
- 35:01:11:8f:8b:35:5b:dc:3b:09
+ 47:f4:42:07:69:04:84:cd:c8:e2:92:6a:6c:f2:d6:2c:83:27:
+ fd:e1:72:8f:a7:46:90:8f:ce:83:5b:4c:f9:17:a5:dd:2a:cf:
+ e6:6f:b8:f4:98:78:f0:d5:ce:80:4a:68:76:2c:7e:24:c7:a2:
+ 2e:2f:5e:3e:63:6d:8d:c6:ca:ab
-----BEGIN CERTIFICATE-----
MIICOjCCAeSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09ha2xhbmQxEDAOBgNVBAoT
B05lb3NpZ24xFDASBgNVBAsTC1JhbmRvbSBEZXB0MRwwGgYDVQQDExNub3doZXJl
LmV4YW1wbGUuY29tMR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcwHhcN
-MDQxMDI5MTMxMzQ4WhcNMDcwNDE3MTMxMzQ4WjCBoDELMAkGA1UEBhMCR0IxFzAV
+MDQxMTAxMTUwMzEzWhcNMDcwNDIwMTUwMzEzWjCBoDELMAkGA1UEBhMCR0IxFzAV
BgNVBAgTDkNhbWJyaWRnZXNoaXJlMRIwEAYDVQQHEwlDYW1icmlkZ2UxGTAXBgNV
BAoTEE5lb24gSGFja2VycyBMdGQxFTATBgNVBAsTDE5lb24gUUEgRGVwdDESMBAG
A1UEAxMJbG9jYWxob3N0MR4wHAYJKoZIhvcNAQkBFg9uZW9uQHdlYmRhdi5vcmcw
XDANBgkqhkiG9w0BAQEFAANLADBIAkEA80VObGfPglkD7z5KicPSpaBIE9has2Uf
UU/6mybkQZkaYYka9IOyToeTK+y12ikoXnRS4RonbrciisCGSZ0YbQIDAQABow0w
-CzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA0EAfkNH56ZAo8AIrHkVi/NvUFsn
-pBCNYbgXAJUev5Mw1hmZsdai7yW0yMAGC4QFr6518QFqg7kBNQERj4s1W9w7CQ==
+CzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA0EAR/RCB2kEhM3I4pJqbPLWLIMn
+/eFyj6dGkI/Og1tM+Rel3SrP5m+49Jh48NXOgEpodix+JMeiLi9ePmNtjcbKqw==
-----END CERTIFICATE-----
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 23:32:08 +0000