summaryrefslogtreecommitdiffstats
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)Author
2016-06-29Whitespace cleanup in cryptoFdaSilvaYY
2016-06-20Fix proxy certificate pathlength verificationRichard Levitte
2016-06-20Check that the subject name in a proxy cert complies to RFC 3820Richard Levitte
2016-05-18Ensure verify error is set when X509_verify_cert() failsViktor Dukhovni
2016-05-17X509_STORE_CTX accessors.Rich Salz
2016-05-17Copyright consolidation 09/10Rich Salz
2016-05-09fix tab-space mixed indentationFdaSilvaYY
2016-05-03Drop duplicate ctx->verify_cb assignmentViktor Dukhovni
2016-04-28Implement X509_STORE_CTX_set_current_cert() accessorViktor Dukhovni
2016-04-27Future proof build_chain() in x509_vfy.cViktor Dukhovni
2016-04-25Added missing X509_STORE_CTX_set_error_depth() accessorViktor Dukhovni
2016-04-18Rename some lowercase API'sRich Salz
2016-04-16Add X509_STORE_CTX_set0_untrusted function.Dr. Stephen Henson
2016-04-15Make many X509_xxx types opaque.Rich Salz
2016-04-08Add SSL_DANE typedef for consistency.Rich Salz
2016-04-03Move peer chain security checks into x509_vfy.cViktor Dukhovni
2016-04-03Tidy up x509_vfy callback handlingViktor Dukhovni
2016-03-29Require intermediate CAs to have basicConstraints CA:true.Viktor Dukhovni
2016-03-20Add a comment on dane_verify() logicViktor Dukhovni
2016-03-08Convert CRYPTO_LOCK_X509_* to new multi-threading APIAlessandro Ghedini
2016-02-10Deprecate the -issuer_checks debugging optionViktor Dukhovni
2016-02-08Suppress DANE TLSA reflection when verification failsViktor Dukhovni
2016-02-05GH601: Various spelling fixes.FdaSilvaYY
2016-02-05Ensure correct chain depth for policy checks with DANE bare key TAViktor Dukhovni
2016-02-05Long overdue cleanup of X509 policy tree verificationViktor Dukhovni
2016-01-31Compat self-signed trust with reject-only aux dataViktor Dukhovni
2016-01-31Check chain extensions also for trusted certificatesViktor Dukhovni
2016-01-26Remove /* foo.c */ commentsRich Salz
2016-01-20Check Suite-B constraints with EE DANE recordsViktor Dukhovni
2016-01-18Drop cached certificate signature validity flagViktor Dukhovni
2016-01-15Add lookup_certs for a trusted stack.Dr. Stephen Henson
2016-01-14Cosmetic polish for last-resort depth 0 checkViktor Dukhovni
2016-01-14Fix last-resort depth 0 check when the chain has multiple certificatesViktor Dukhovni
2016-01-14Always initialize X509_STORE_CTX get_crl pointerViktor Dukhovni
2016-01-07DANE support for X509_verify_cert()Viktor Dukhovni
2016-01-05DANE support structures, constructructors and accessorsViktor Dukhovni
2016-01-03Fix X509_STORE_CTX_cleanup()Viktor Dukhovni
2016-01-03X509_verify_cert() cleanupViktor Dukhovni
2015-12-14New function X509_get0_pubkeyDr. Stephen Henson
2015-12-01ex_data part 2: doc fixes and CRYPTO_free_ex_index.Rich Salz
2015-11-26Remove X509_VERIFY_PARAM_IDDr. Stephen Henson
2015-11-09Continue standardising malloc style for libcryptoMatt Caswell
2015-10-15embed CRL serial number and signature fieldsDr. Stephen Henson
2015-09-05In X509_STORE_CTX_init, cleanup on failuremrpre
2015-09-05RT3951: Add X509_V_FLAG_NO_CHECK_TIME to suppress time checkDavid Woodhouse
2015-09-03Revert "OPENSSL_NO_xxx cleanup: RFC3779"David Woodhouse
2015-09-02Add and use OPENSSL_zallocRich Salz
2015-09-02make X509_CRL opaqueDr. Stephen Henson
2015-09-02Better handling of verify param id peername fieldViktor Dukhovni
2015-08-31Add X509_up_ref function.Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 04:52:23 +0000