index
:
openssl
OpenSSL-engine-0_9_6-stable
OpenSSL-fips-0_9_7-stable
OpenSSL-fips-0_9_8-stable
OpenSSL-fips-1_2-stable
OpenSSL-fips-2_0-dev
OpenSSL-fips-2_0-stable
OpenSSL-fips2-0_9_7-stable
OpenSSL_0_9_6-stable
OpenSSL_0_9_7-stable
OpenSSL_0_9_8-stable
OpenSSL_0_9_8fg-stable
OpenSSL_1_0_0-stable
OpenSSL_1_0_1-stable
OpenSSL_1_0_2-stable
OpenSSL_1_1_0-stable
OpenSSL_1_1_1-stable
SSLeay
feature/dtls-1.3
feature/ech
feature/quic-server
master
openssl-3.0
openssl-3.1
openssl-3.2
openssl-3.3
tls1.3-draft-18
tls1.3-draft-19
Mirror of https://github.com/openssl/openssl
matthias
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
crypto
/
x509
/
x509_vfy.c
Age
Commit message (
Expand
)
Author
2021-02-18
chain_build(): Call verify_cb_cert() if a preliminary error has become final
Dr. David von Oheimb
2021-02-17
x509_vfy: fix mem leaks in chain_build() on malloc error Coverify CID 1473068
Dr. David von Oheimb
2021-02-15
x509_vfy: remove redundant stack allocation
Benjamin Kaduk
2021-02-11
X509_STORE_CTX_cleanup(): Use internally so no need to call explicitly
Dr. David von Oheimb
2021-02-11
x509_vfy.c: Make chain_build() error diagnostics to the point
Dr. David von Oheimb
2021-02-09
x509_vfy.c: Sort out return values 0 vs. -1 (failure/internal error)
Dr. David von Oheimb
2021-02-09
X509_get_pubkey_parameters(): Correct failure behavior and its use
Dr. David von Oheimb
2021-02-09
x509_vfy.c: Fix various coding style and documentation style nits
Dr. David von Oheimb
2021-02-06
Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default ...
Dr. David von Oheimb
2021-02-04
x509_vfy.c: Improve coding style and comments all over the file
Dr. David von Oheimb
2021-02-04
Allow NULL arg to OPENSSL_sk_{dup,deep_copy} returning empty stack
Dr. David von Oheimb
2021-01-28
Update copyright year
Richard Levitte
2021-01-26
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Shane Lontis
2021-01-20
x509_vfy.c: Rename CHECK_CB() to the more intuitively readable CB_FAIL_IF()
Dr. David von Oheimb
2021-01-14
find_issuer(): When returning an expired issuer, take the most recently expir...
Dr. David von Oheimb
2021-01-13
x509_vfy.c: Fix a regression in find_issuer()
Dr. David von Oheimb
2021-01-13
Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
Dr. David von Oheimb
2020-12-04
x509_vfy.c: Improve comments (correcting typos etc.)
Dr. David von Oheimb
2020-12-03
x509_vfy.c: Restore rejection of expired trusted (root) certificate
Dr. David von Oheimb
2020-12-03
remove unused assignments
Pauli
2020-11-22
x509_vfy.c: Remove superfluous assignment to 'ret' in check_chain()
Ankita Shetty
2020-11-13
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
Richard Levitte
2020-11-06
x509_vfy.c: Call verification callback individually per strict check in check...
David von Oheimb
2020-11-06
x509_vfy.c: Introduce CHECK_CB macro simplifying use of cert verification cb ...
David von Oheimb
2020-10-15
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Dr. Matthias St. Pierre
2020-10-08
Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
André Klitzing
2020-10-01
Run the withlibctx.pl script
Matt Caswell
2020-09-17
Rename check_chain_extensions to check_chain
Tomas Mraz
2020-09-17
Disallow certs with explicit curve in verification chain
Tomas Mraz
2020-09-16
free memory use on error in cert verify
Pauli
2020-09-13
Ignore unused return values from some sk_*() macros
Matt Caswell
2020-09-13
Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCK
Matt Caswell
2020-09-13
Fix safestack issues in x509v3.h
Matt Caswell
2020-09-13
Fix safestack issues in x509.h
Matt Caswell
2020-09-11
check_chain_extensions(): Require X.509 v3 if extensions are present
Dr. David von Oheimb
2020-09-11
check_chain_extensions(): Change exclusion condition w.r.t. RFC 6818 section 2
Dr. David von Oheimb
2020-09-11
x509_vfy.c: Make sure that strict checks are not done for self-issued EE certs
Dr. David von Oheimb
2020-09-11
check_chain_extensions(): Add check that CA cert includes key usage extension
Dr. David von Oheimb
2020-09-11
check_chain_extensions(): Add check that on empty Subject the SAN must be mar...
Dr. David von Oheimb
2020-09-11
check_chain_extensions(): Add check that AKID and SKID are not marked critical
Dr. David von Oheimb
2020-09-11
check_chain_extensions(): Add check that Basic Constraints of CA cert are mar...
Dr. David von Oheimb
2020-09-11
Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set...
Dr. David von Oheimb
2020-08-12
Introduce X509_add_cert[s] simplifying various additions to cert lists
Dr. David von Oheimb
2020-07-24
Add X509 related libctx changes.
Shane Lontis
2020-07-16
x509_vfy.c: Improve key usage checks in internal_verify() of cert chains
Dr. David von Oheimb
2020-07-01
Add X509_self_signed(), extending and improving documenation and tests
Dr. David von Oheimb
2020-07-01
Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued()
Dr. David von Oheimb
2020-07-01
Optimization and safety precaution in find_issuer() of x509_vfy.c:
Dr. David von Oheimb
2020-07-01
Refactor (without semantic changes) crypto/x509/{v3_purp.c,x509_vfy.c}
Dr. David von Oheimb
2020-07-01
Improve documentation, layout, and code comments regarding self-issued certs ...
Dr. David von Oheimb
[next]