projects
/
oweals
/
openssl.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
Ensure RSA PSS correctly returns the right default digest
[oweals/openssl.git]
/
crypto
/
x509
/
x509_vfy.c
2018-12-20
Ken Goldman
Admit unknown pkey types at security level 0
blob
|
commitdiff
|
raw
2018-10-18
Viktor Dukhovni
Apply self-imposed path length also to root CAs
blob
|
commitdiff
|
raw
|
diff to current
2018-10-18
Viktor Dukhovni
Only CA certificates can be self-issued
blob
|
commitdiff
|
raw
|
diff to current
2018-05-23
Viktor Dukhovni
Skip CN DNS name constraint checks when not needed
blob
|
commitdiff
|
raw
|
diff to current
2018-05-01
Matt Caswell
Update copyright year
blob
|
commitdiff
|
raw
|
diff to current
2018-04-24
FdaSilvaYY
X509: add more error codes on malloc or sk_TYP_push...
blob
|
commitdiff
|
raw
|
diff to current
2017-09-28
Pauli
Remove unnecessary #include <openssl/lhash.h> directives.
blob
|
commitdiff
|
raw
|
diff to current
2017-09-22
David Benjamin
Guard against DoS in name constraints handling.
blob
|
commitdiff
|
raw
|
diff to current
2017-08-22
Rich Salz
Use "" not <> for internal/ includes
blob
|
commitdiff
|
raw
|
diff to current
2017-08-21
Pauli
This has been added to avoid the situation where some...
blob
|
commitdiff
|
raw
|
diff to current
2017-08-21
Matt Caswell
Remove OPENSSL_assert() from crypto/x509
blob
|
commitdiff
|
raw
|
diff to current
2017-04-25
Dr. Stephen Henson
Use X509_get_signature_info() when checking security...
blob
|
commitdiff
|
raw
|
diff to current
2017-02-24
Emilia Kasper
X509 time: tighten validation per RFC 5280
blob
|
commitdiff
|
raw
|
diff to current
2016-12-03
Viktor Dukhovni
Restore last-resort expired untrusted intermediate...
blob
|
commitdiff
|
raw
|
diff to current
2016-08-24
Viktor Dukhovni
Un-delete still documented X509_STORE_CTX_set_verify
blob
|
commitdiff
|
raw
|
diff to current
2016-08-22
Matt Caswell
Add some sanity checks when checking CRL scores
blob
|
commitdiff
|
raw
|
diff to current
2016-08-19
Dr. Stephen Henson
Constify certificate and CRL time routines.
blob
|
commitdiff
|
raw
|
diff to current
2016-08-05
klemens
spelling fixes, just comments and readme.
blob
|
commitdiff
|
raw
|
diff to current
2016-08-03
Richard Levitte
Don't check any revocation info on proxy certificates
blob
|
commitdiff
|
raw
|
diff to current
2016-07-29
Dr. Stephen Henson
Fix CRL time comparison.
blob
|
commitdiff
|
raw
|
diff to current
2016-07-26
Dr. Stephen Henson
Remove current_method from X509_STORE_CTX
blob
|
commitdiff
|
raw
|
diff to current
2016-07-25
Richard Levitte
Add setter and getter for X509_STORE's check_policy
blob
|
commitdiff
|
raw
|
diff to current
2016-07-25
Richard Levitte
Add getters / setters for the X509_STORE_CTX and X509_S...
blob
|
commitdiff
|
raw
|
diff to current
2016-07-22
Dr. Stephen Henson
Use newest CRL.
blob
|
commitdiff
|
raw
|
diff to current
2016-07-12
Viktor Dukhovni
Perform DANE-EE(3) name checks by default
blob
|
commitdiff
|
raw
|
diff to current
2016-07-11
Dr. Stephen Henson
Add nameConstraints commonName checking.
blob
|
commitdiff
|
raw
|
diff to current
2016-06-29
Richard Levitte
Remove the envvar hack to enable proxy cert processing
blob
|
commitdiff
|
raw
|
diff to current
2016-06-29
FdaSilvaYY
Whitespace cleanup in crypto
blob
|
commitdiff
|
raw
|
diff to current
2016-06-20
Richard Levitte
Fix proxy certificate pathlength verification
blob
|
commitdiff
|
raw
|
diff to current
2016-06-20
Richard Levitte
Check that the subject name in a proxy cert complies...
blob
|
commitdiff
|
raw
|
diff to current
2016-05-18
Viktor Dukhovni
Ensure verify error is set when X509_verify_cert()...
blob
|
commitdiff
|
raw
|
diff to current
2016-05-17
Rich Salz
X509_STORE_CTX accessors.
blob
|
commitdiff
|
raw
|
diff to current
2016-05-17
Rich Salz
Copyright consolidation 09/10
blob
|
commitdiff
|
raw
|
diff to current
2016-05-09
FdaSilvaYY
fix tab-space mixed indentation
blob
|
commitdiff
|
raw
|
diff to current
2016-05-03
Viktor Dukhovni
Drop duplicate ctx->verify_cb assignment
blob
|
commitdiff
|
raw
|
diff to current
2016-04-28
Viktor Dukhovni
Implement X509_STORE_CTX_set_current_cert() accessor
blob
|
commitdiff
|
raw
|
diff to current
2016-04-27
Viktor Dukhovni
Future proof build_chain() in x509_vfy.c
blob
|
commitdiff
|
raw
|
diff to current
2016-04-25
Viktor Dukhovni
Added missing X509_STORE_CTX_set_error_depth() accessor
blob
|
commitdiff
|
raw
|
diff to current
2016-04-18
Rich Salz
Rename some lowercase API's
blob
|
commitdiff
|
raw
|
diff to current
2016-04-16
Dr. Stephen Henson
Add X509_STORE_CTX_set0_untrusted function.
blob
|
commitdiff
|
raw
|
diff to current
2016-04-15
Rich Salz
Make many X509_xxx types opaque.
blob
|
commitdiff
|
raw
|
diff to current
2016-04-08
Rich Salz
Add SSL_DANE typedef for consistency.
blob
|
commitdiff
|
raw
|
diff to current
2016-04-03
Viktor Dukhovni
Move peer chain security checks into x509_vfy.c
blob
|
commitdiff
|
raw
|
diff to current
2016-04-03
Viktor Dukhovni
Tidy up x509_vfy callback handling
blob
|
commitdiff
|
raw
|
diff to current
2016-03-30
Viktor Dukhovni
Require intermediate CAs to have basicConstraints CA...
blob
|
commitdiff
|
raw
|
diff to current
2016-03-21
Viktor Dukhovni
Add a comment on dane_verify() logic
blob
|
commitdiff
|
raw
|
diff to current
2016-03-08
Alessandro Ghedini
Convert CRYPTO_LOCK_X509_* to new multi-threading API
blob
|
commitdiff
|
raw
|
diff to current
2016-02-10
Viktor Dukhovni
Deprecate the -issuer_checks debugging option
blob
|
commitdiff
|
raw
|
diff to current
2016-02-08
Viktor Dukhovni
Suppress DANE TLSA reflection when verification fails
blob
|
commitdiff
|
raw
|
diff to current
2016-02-05
FdaSilvaYY
GH601: Various spelling fixes.
blob
|
commitdiff
|
raw
|
diff to current
2016-02-05
Viktor Dukhovni
Ensure correct chain depth for policy checks with DANE...
blob
|
commitdiff
|
raw
|
diff to current
2016-02-05
Viktor Dukhovni
Long overdue cleanup of X509 policy tree verification
blob
|
commitdiff
|
raw
|
diff to current
2016-02-01
Viktor Dukhovni
Compat self-signed trust with reject-only aux data
blob
|
commitdiff
|
raw
|
diff to current
2016-02-01
Viktor Dukhovni
Check chain extensions also for trusted certificates
blob
|
commitdiff
|
raw
|
diff to current
2016-01-26
Rich Salz
Remove /* foo.c */ comments
blob
|
commitdiff
|
raw
|
diff to current
2016-01-20
Viktor Dukhovni
Check Suite-B constraints with EE DANE records
blob
|
commitdiff
|
raw
|
diff to current
2016-01-18
Viktor Dukhovni
Drop cached certificate signature validity flag
blob
|
commitdiff
|
raw
|
diff to current
2016-01-15
Dr. Stephen Henson
Add lookup_certs for a trusted stack.
blob
|
commitdiff
|
raw
|
diff to current
2016-01-14
Viktor Dukhovni
Cosmetic polish for last-resort depth 0 check
blob
|
commitdiff
|
raw
|
diff to current
2016-01-14
Viktor Dukhovni
Fix last-resort depth 0 check when the chain has multip...
blob
|
commitdiff
|
raw
|
diff to current
2016-01-14
Viktor Dukhovni
Always initialize X509_STORE_CTX get_crl pointer
blob
|
commitdiff
|
raw
|
diff to current
2016-01-07
Viktor Dukhovni
DANE support for X509_verify_cert()
blob
|
commitdiff
|
raw
|
diff to current
2016-01-06
Viktor Dukhovni
DANE support structures, constructructors and accessors
blob
|
commitdiff
|
raw
|
diff to current
2016-01-03
Viktor Dukhovni
Fix X509_STORE_CTX_cleanup()
blob
|
commitdiff
|
raw
|
diff to current
2016-01-03
Viktor Dukhovni
X509_verify_cert() cleanup
blob
|
commitdiff
|
raw
|
diff to current
2015-12-14
Dr. Stephen Henson
New function X509_get0_pubkey
blob
|
commitdiff
|
raw
|
diff to current
2015-12-01
Rich Salz
ex_data part 2: doc fixes and CRYPTO_free_ex_index.
blob
|
commitdiff
|
raw
|
diff to current
2015-11-26
Dr. Stephen Henson
Remove X509_VERIFY_PARAM_ID
blob
|
commitdiff
|
raw
|
diff to current
2015-11-09
Matt Caswell
Continue standardising malloc style for libcrypto
blob
|
commitdiff
|
raw
|
diff to current
2015-10-15
Dr. Stephen Henson
embed CRL serial number and signature fields
blob
|
commitdiff
|
raw
|
diff to current
2015-09-05
mrpre
In X509_STORE_CTX_init, cleanup on failure
blob
|
commitdiff
|
raw
|
diff to current
2015-09-05
David Woodhouse
RT3951: Add X509_V_FLAG_NO_CHECK_TIME to suppress time...
blob
|
commitdiff
|
raw
|
diff to current
2015-09-03
David Woodhouse
Revert "OPENSSL_NO_xxx cleanup: RFC3779"
blob
|
commitdiff
|
raw
|
diff to current
2015-09-03
Rich Salz
Add and use OPENSSL_zalloc
blob
|
commitdiff
|
raw
|
diff to current
2015-09-02
Dr. Stephen Henson
make X509_CRL opaque
blob
|
commitdiff
|
raw
|
diff to current
2015-09-02
Viktor Dukhovni
Better handling of verify param id peername field
blob
|
commitdiff
|
raw
|
diff to current
2015-08-31
Dr. Stephen Henson
Add X509_up_ref function.
blob
|
commitdiff
|
raw
|
diff to current
2015-08-31
Dr. Stephen Henson
Add X509_CRL_up_ref function
blob
|
commitdiff
|
raw
|
diff to current
2015-08-28
Alessandro Ghedini
GH354: Memory leak fixes
blob
|
commitdiff
|
raw
|
diff to current
2015-08-13
Ismo Puustinen
GH364: Free memory on an error path
blob
|
commitdiff
|
raw
|
diff to current
2015-08-10
Rich Salz
RT3999: Remove sub-component version strings
blob
|
commitdiff
|
raw
|
diff to current
2015-07-07
Matt Caswell
Extend -show_chain option to verify to show more info
blob
|
commitdiff
|
raw
|
diff to current
2015-07-07
Matt Caswell
Reject calls to X509_verify_cert that have not been...
blob
|
commitdiff
|
raw
|
diff to current
2015-07-07
Matt Caswell
Fix alternate chains certificate forgery issue
blob
|
commitdiff
|
raw
|
diff to current
2015-06-11
Emilia Kasper
Fix length checks in X509_cmp_time to avoid out-of...
blob
|
commitdiff
|
raw
|
diff to current
2015-05-14
Richard Levitte
Identify and move common internal libcrypto header...
blob
|
commitdiff
|
raw
|
diff to current
2015-05-06
Gunnar Kudrjavets
Initialize potentially uninitialized local variables
blob
|
commitdiff
|
raw
|
diff to current
2015-05-06
Rich Salz
memset, memcpy, sizeof consistency fixes
blob
|
commitdiff
|
raw
|
diff to current
2015-05-04
Rich Salz
Use safer sizeof variant in malloc
blob
|
commitdiff
|
raw
|
diff to current
2015-05-01
Rich Salz
free NULL cleanup -- coda
blob
|
commitdiff
|
raw
|
diff to current
2015-05-01
Rich Salz
Remove goto inside an if(0) block
blob
|
commitdiff
|
raw
|
diff to current
2015-04-30
Rich Salz
free NULL cleanup 5a
blob
|
commitdiff
|
raw
|
diff to current
2015-04-28
Rich Salz
remove malloc casts
blob
|
commitdiff
|
raw
|
diff to current
2015-03-28
Rich Salz
free NULL cleanup
blob
|
commitdiff
|
raw
|
diff to current
2015-03-24
Dr. Stephen Henson
Fix verify algorithm.
blob
|
commitdiff
|
raw
|
diff to current
2015-02-25
Matt Caswell
Add flag to inhibit checking for alternate certificate...
blob
|
commitdiff
|
raw
|
diff to current
2015-02-25
Matt Caswell
In certain situations the server provided certificate...
blob
|
commitdiff
|
raw
|
diff to current
2015-02-09
Dr. Stephen Henson
Remove obsolete IMPLEMENT_ASN1_SET_OF
blob
|
commitdiff
|
raw
|
diff to current
2015-02-08
Rich Salz
Final (for me, for now) dead code cleanup
blob
|
commitdiff
|
raw
|
diff to current
2015-02-06
Rich Salz
util/mkstack.pl now generates entire safestack.h
blob
|
commitdiff
|
raw
|
diff to current
next