summaryrefslogtreecommitdiffstats
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)Author
2016-05-19Ensure verify error is set when X509_verify_cert() failsViktor Dukhovni
2016-02-05Fix missing ok=0 with locally blacklisted CAsViktor Dukhovni
2016-01-02Fix X509_STORE_CTX_cleanup()Viktor Dukhovni
2015-09-02Better handling of verify param id peername fieldViktor Dukhovni
2015-08-28GH354: Memory leak fixesAlessandro Ghedini
2015-08-14Fix 1.0.2 build breakRich Salz
2015-08-13GH364: Free memory on an error pathIsmo Puustinen
2015-07-07Reject calls to X509_verify_cert that have not been reinitialisedMatt Caswell
2015-07-07Fix alternate chains certificate forgery issueMatt Caswell
2015-06-11Fix length checks in X509_cmp_time to avoid out-of-bounds reads.Emilia Kasper
2015-05-13Add NULL checks from masterRich Salz
2015-04-29Revert "Fix verify algorithm."Matt Caswell
2015-04-20Fix verify algorithm.Dr. Stephen Henson
2015-04-20Add flag to inhibit checking for alternate certificate chains. Setting thisMatt Caswell
2015-04-20In certain situations the server provided certificate chain may no longer beMatt Caswell
2015-01-22Re-align some comments after running the reformat script.OpenSSL_1_0_2-post-reformatMatt Caswell
2015-01-22Run util/openssl-format-source -v -c .Matt Caswell
2015-01-22Additional comment changes for reformat of 1.0.2Matt Caswell
2015-01-22Further comment amendments to preserve formatting prior to source reformatMatt Caswell
2014-09-08RT2841: Extra return in check_issuedPaul Suhler
2014-07-07Update API to use (char *) for email addresses and hostnamesViktor Dukhovni
2014-07-07Set optional peername when X509_check_host() succeeds.Viktor Dukhovni
2014-07-07One more typo when changing !result to result <= 0Viktor Dukhovni
2014-07-07Fix typo in last commitViktor Dukhovni
2014-07-07Multiple verifier reference identities.Viktor Dukhovni
2014-06-25X509_check_mumble() failure is <= 0, not just 0Viktor Dukhovni
2014-06-25Drop hostlen from X509_VERIFY_PARAM_ID.Viktor Dukhovni
2014-05-21Fixes to host checking.Viktor Dukhovni
2014-03-03For self signed root only indicate one error.Dr. Stephen Henson
2014-02-14Include TA in checks/callback with partial chains.Dr. Stephen Henson
2014-02-14Add cert_self_signed function to simplify verifyDr. Stephen Henson
2014-02-14Simplify X509_STORE_CTX_get1_chain (from master).Dr. Stephen Henson
2014-01-09Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.Dr. Stephen Henson
2013-12-13Add opaque ID structure.Dr. Stephen Henson
2013-12-13Fix for partial chain notification.Dr. Stephen Henson
2013-09-08Partial path fix.Dr. Stephen Henson
2013-08-06Fix verify loop with CRL checking.Dr. Stephen Henson
2013-01-17initial support for delta CRL generations by diffing two full CRLsDr. Stephen Henson
2013-01-06Fix warning.Ben Laurie
2012-12-26add suite B chain validation flags and associated verify errorsDr. Stephen Henson
2012-12-26Revert incompatible OCSP_basic_verify changes.Dr. Stephen Henson
2012-12-19Integrate host, email and IP address checks into X509_verify.Dr. Stephen Henson
2012-12-14New verify flag to return success if we have any certificate in the trustedDr. Stephen Henson
2012-12-14Backport OCSP fixes.Ben Laurie
2012-12-06Fix two bugs which affect delta CRL handling:Dr. Stephen Henson
2012-09-26add -trusted_first option and verify flag (backport from HEAD)Dr. Stephen Henson
2011-09-23PR: 2606Dr. Stephen Henson
2011-09-06Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the pastDr. Stephen Henson
2011-06-09Fix warnings.Ben Laurie
2010-11-02Submitted by: Jonathan Dixon <joth@chromium.org>Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-04 02:40:47 +0000