projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 29eb7d9) | patch
*BIG* verify code reorganisation.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 5 Sep 2000 17:53:58 +0000 (17:53 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 5 Sep 2000 17:53:58 +0000 (17:53 +0000)
commit2f043896d14f5b1ced08bcc8bec3e38e7a18d96f
tree30c91e35a2b02dadc58fc56355894b4345142e51tree | snapshot
parent29eb7d9ce0488690cca532d0ecb4075b5ca59209commit | diff
*BIG* verify code reorganisation.

The old code was painfully primitive and couldn't handle
distinct certificates using the same subject name.

The new code performs several tests on a candidate issuer
certificate based on certificate extensions.

It also adds several callbacks to X509_VERIFY_CTX so its
behaviour can be customised.

Unfortunately some hackery was needed to persuade X509_STORE
to tolerate this. This should go away when X509_STORE is
replaced, sometime...

This must have broken something though :-(
13 files changed:
CHANGES diff | blob | history
Configure diff | blob | history
apps/verify.c diff | blob | history
crypto/asn1/x_x509.c diff | blob | history
crypto/stack/safestack.h diff | blob | history
crypto/x509/by_dir.c diff | blob | history
crypto/x509/x509.h diff | blob | history
crypto/x509/x509_lu.c diff | blob | history
crypto/x509/x509_txt.c diff | blob | history
crypto/x509/x509_vfy.c diff | blob | history
crypto/x509/x509_vfy.h diff | blob | history
crypto/x509v3/v3_purp.c diff | blob | history
crypto/x509v3/x509v3.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.