index
:
openssl
OpenSSL-engine-0_9_6-stable
OpenSSL-fips-0_9_7-stable
OpenSSL-fips-0_9_8-stable
OpenSSL-fips-1_2-stable
OpenSSL-fips-2_0-dev
OpenSSL-fips-2_0-stable
OpenSSL-fips2-0_9_7-stable
OpenSSL_0_9_6-stable
OpenSSL_0_9_7-stable
OpenSSL_0_9_8-stable
OpenSSL_0_9_8fg-stable
OpenSSL_1_0_0-stable
OpenSSL_1_0_1-stable
OpenSSL_1_0_2-stable
OpenSSL_1_1_0-stable
OpenSSL_1_1_1-stable
SSLeay
feature/dtls-1.3
feature/ech
feature/quic-server
master
openssl-3.0
openssl-3.1
openssl-3.2
openssl-3.3
tls1.3-draft-18
tls1.3-draft-19
Mirror of https://github.com/openssl/openssl
matthias
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
crypto
/
x509
/
x509_vfy.c
Age
Commit message (
Expand
)
Author
2018-10-18
Apply self-imposed path length also to root CAs
Viktor Dukhovni
2018-10-18
Only CA certificates can be self-issued
Viktor Dukhovni
2018-09-27
Merge 1.0.2 setuid calls to getenv(3) safety.
Pauli
2018-05-05
X509 time: tighten validation per RFC 5280
Emilia Kasper
2018-04-19
X509_cmp_time: only return 1, 0, -1.
Emilia Kasper
2016-09-26
Add some sanity checks when checking CRL scores
Matt Caswell
2016-08-03
Don't check any revocation info on proxy certificates
Richard Levitte
2016-07-29
Fix CRL time comparison.
Dr. Stephen Henson
2016-07-22
Use newest CRL.
Dr. Stephen Henson
2016-06-29
Fix proxy certificate pathlength verification
Richard Levitte
2016-06-29
Check that the subject name in a proxy cert complies to RFC 3820
Richard Levitte
2016-05-19
Ensure verify error is set when X509_verify_cert() fails
Viktor Dukhovni
2016-02-05
Fix missing ok=0 with locally blacklisted CAs
Viktor Dukhovni
2016-01-02
Fix X509_STORE_CTX_cleanup()
Viktor Dukhovni
2015-09-02
Better handling of verify param id peername field
Viktor Dukhovni
2015-08-28
GH354: Memory leak fixes
Alessandro Ghedini
2015-08-14
Fix 1.0.2 build break
Rich Salz
2015-08-13
GH364: Free memory on an error path
Ismo Puustinen
2015-07-07
Reject calls to X509_verify_cert that have not been reinitialised
Matt Caswell
2015-07-07
Fix alternate chains certificate forgery issue
Matt Caswell
2015-06-11
Fix length checks in X509_cmp_time to avoid out-of-bounds reads.
Emilia Kasper
2015-05-13
Add NULL checks from master
Rich Salz
2015-04-29
Revert "Fix verify algorithm."
Matt Caswell
2015-04-20
Fix verify algorithm.
Dr. Stephen Henson
2015-04-20
Add flag to inhibit checking for alternate certificate chains. Setting this
Matt Caswell
2015-04-20
In certain situations the server provided certificate chain may no longer be
Matt Caswell
2015-01-22
Re-align some comments after running the reformat script.
OpenSSL_1_0_2-post-reformat
Matt Caswell
2015-01-22
Run util/openssl-format-source -v -c .
Matt Caswell
2015-01-22
Additional comment changes for reformat of 1.0.2
Matt Caswell
2015-01-22
Further comment amendments to preserve formatting prior to source reformat
Matt Caswell
2014-09-08
RT2841: Extra return in check_issued
Paul Suhler
2014-07-07
Update API to use (char *) for email addresses and hostnames
Viktor Dukhovni
2014-07-07
Set optional peername when X509_check_host() succeeds.
Viktor Dukhovni
2014-07-07
One more typo when changing !result to result <= 0
Viktor Dukhovni
2014-07-07
Fix typo in last commit
Viktor Dukhovni
2014-07-07
Multiple verifier reference identities.
Viktor Dukhovni
2014-06-25
X509_check_mumble() failure is <= 0, not just 0
Viktor Dukhovni
2014-06-25
Drop hostlen from X509_VERIFY_PARAM_ID.
Viktor Dukhovni
2014-05-21
Fixes to host checking.
Viktor Dukhovni
2014-03-03
For self signed root only indicate one error.
Dr. Stephen Henson
2014-02-14
Include TA in checks/callback with partial chains.
Dr. Stephen Henson
2014-02-14
Add cert_self_signed function to simplify verify
Dr. Stephen Henson
2014-02-14
Simplify X509_STORE_CTX_get1_chain (from master).
Dr. Stephen Henson
2014-01-09
Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.
Dr. Stephen Henson
2013-12-13
Add opaque ID structure.
Dr. Stephen Henson
2013-12-13
Fix for partial chain notification.
Dr. Stephen Henson
2013-09-08
Partial path fix.
Dr. Stephen Henson
2013-08-06
Fix verify loop with CRL checking.
Dr. Stephen Henson
2013-01-17
initial support for delta CRL generations by diffing two full CRLs
Dr. Stephen Henson
2013-01-06
Fix warning.
Ben Laurie
[next]