summaryrefslogtreecommitdiffstats
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)Author
2015-03-24Fix verify algorithm.Dr. Stephen Henson
2015-02-25Add flag to inhibit checking for alternate certificate chains. Setting thisMatt Caswell
2015-02-25In certain situations the server provided certificate chain may no longer beMatt Caswell
2015-02-09Remove obsolete IMPLEMENT_ASN1_SET_OFDr. Stephen Henson
2015-02-08Final (for me, for now) dead code cleanupRich Salz
2015-02-06util/mkstack.pl now generates entire safestack.hRich Salz
2015-01-27OPENSSL_NO_xxx cleanup: RFC3779Rich Salz
2015-01-27OPENSSL_NO_xxx cleanup: many removalsRich Salz
2015-01-22More comment realignmentmaster-post-reformatMatt Caswell
2015-01-22Run util/openssl-format-source -v -c .Matt Caswell
2015-01-22Further comment changes for reformat (master)Matt Caswell
2015-01-06Further comment amendments to preserve formatting prior to source reformatMatt Caswell
2014-09-08RT2841: Extra return in check_issuedPaul Suhler
2014-08-15RT2751: Declare get_issuer_sk() earlier.Rich Salz
2014-07-07Update API to use (char *) for email addresses and hostnamesViktor Dukhovni
2014-07-06Set optional peername when X509_check_host() succeeds.Viktor Dukhovni
2014-06-23One more typo when changing !result to result <= 0Viktor Dukhovni
2014-06-22Fix typo in last commitViktor Dukhovni
2014-06-22Multiple verifier reference identities.Viktor Dukhovni
2014-06-22X509_check_mumble() failure is <= 0, not just 0Viktor Dukhovni
2014-06-22Drop hostlen from X509_VERIFY_PARAM_ID.Viktor Dukhovni
2014-05-25Don't use expired certificates if possible.Dr. Stephen Henson
2014-05-25Rename vpm_int.h to x509_lcl.hDr. Stephen Henson
2014-05-21Fixes to host checking.Viktor Dukhovni
2014-03-03For self signed root only indicate one error.Dr. Stephen Henson
2014-02-14Include TA in checks/callback with partial chains.Dr. Stephen Henson
2014-02-14Don't do loop detection for self signed check.Dr. Stephen Henson
2014-01-09Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.Dr. Stephen Henson
2013-12-13Add opaque ID structure.Dr. Stephen Henson
2013-12-13Fix for partial chain notification.Dr. Stephen Henson
2013-09-08Partial path fix.Dr. Stephen Henson
2013-07-12Fix verify loop with CRL checking.Dr. Stephen Henson
2013-01-06Fix warning.Ben Laurie
2012-12-21Make partial chain checking work if we only have the EE certificate inDr. Stephen Henson
2012-12-13New verify flag to return success if we have any certificate in theDr. Stephen Henson
2012-12-06Fix two bugs which affect delta CRL handling:Dr. Stephen Henson
2012-12-05Integrate host, email and IP address checks into X509_verify.Dr. Stephen Henson
2012-12-04initial support for delta CRL generations by diffing two full CRLsDr. Stephen Henson
2012-08-03Rename Suite B functions for consistency.Dr. Stephen Henson
2012-08-03add suite B chain validation flags and associated verify errorsDr. Stephen Henson
2012-03-05don't do loop check for single self signed certificateDr. Stephen Henson
2011-09-23PR: 2606Dr. Stephen Henson
2011-09-06Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the pastDr. Stephen Henson
2010-12-25avoid verification loops in trusted store when path buildingDr. Stephen Henson
2010-11-02Submitted by: Jonathan Dixon <joth@chromium.org>Dr. Stephen Henson
2010-02-25add -trusted_first option and verify flagDr. Stephen Henson
2010-02-25tidy verify code. xn not used any more and check for self signed more efficie...Dr. Stephen Henson
2010-02-25Experimental support for partial chain verification: if an intermediateDr. Stephen Henson
2009-11-17PR: 2103Dr. Stephen Henson
2009-10-31Add missing functions to allow access to newer X509_STORE_CTX statusDr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-21 19:55:52 +0000