summaryrefslogtreecommitdiffstats
path: root/ssl/ssl_cert.c
AgeCommit message (Expand)Author
2023-11-27Make ssl_cert_info read-onlyHugo Landau
2023-07-01tls: update to structure based atomicsPauli
2023-04-25Fix regression of no-posix-io buildsTomas Mraz
2023-03-28RFC7250 (RPK) supportTodd Short
2023-03-15Coverity 1521490: resource leakPauli
2023-02-24first cut at sigalg loadingMichael Baentsch
2023-02-23Skip subdirectories in SSL_add_dir_cert_subjects_to_stack()olszomal
2022-10-18Add support for compressed certificates (RFC8879)Todd Short
2022-10-05Stop raising ERR_R_MALLOC_FAILURE in most placesRichard Levitte
2022-07-28SSL object refactoring using SSL_CONNECTION objectTomas Mraz
2022-05-08tls: ban SSL3, TLS1, TLS1.1 and DTLS1.0 at security level one and abovePauli
2022-05-03Update copyright yearMatt Caswell
2022-04-06Add SSL_(CTX_)?get0_(verify|chain)_cert_store functionsHugo Landau
2022-03-01[ssl] Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3Nicola Tuveri
2022-03-01[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH aliasNicola Tuveri
2021-12-21add OSSL_STACK_OF_X509_free() for commonly used patternDr. David von Oheimb
2021-12-14Fix invalid handling of verify errors in libsslMatt Caswell
2021-11-16BIO_read_filename: fix return checkPeiwei Hu
2021-09-23Change TLS RC4 cipher strength check to be data driven.slontis
2021-06-23cross-reference the DH and RSA SECLEVEL to level of security mappingsHubert Kario
2021-06-19ssl: do not choose auto DH groups that are weaker than the security levelPauli
2021-03-03Fix NULL access in ssl_build_cert_chain() when ctx is NULL.Shane Lontis
2021-02-05Remove OPENSSL_NO_DH guards from libsslMatt Caswell
2021-01-28Update copyright yearRichard Levitte
2021-01-13Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1Dr. David von Oheimb
2020-11-18Only disabled what we need to in a no-dh buildMatt Caswell
2020-11-11SSL: refactor all SSLfatal() callsRichard Levitte
2020-11-11Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() callRichard Levitte
2020-10-15Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre
2020-10-01Run the withlibctx.pl scriptMatt Caswell
2020-09-13Fix safestack issues in x509.hMatt Caswell
2020-07-24Add X509 related libctx changes.Shane Lontis
2020-05-15SSL: refactor ssl_cert_lookup_by_pkey() to work with provider side keysRichard Levitte
2020-04-30coverity 1462581 Dereference after null checkPauli
2020-04-24In OpenSSL builds, declare STACK for datatypes ...Rich Salz
2020-04-23Update copyright yearMatt Caswell
2020-04-08Use X509_STORE_CTX_new_with_libctx() in libsslMatt Caswell
2020-03-30Explicitly cache X509v3 extensions in libsslMatt Caswell
2019-11-12SSL: Document SSL_add_{file,dir,store}_cert_subjects_to_stack()Richard Levitte
2019-11-03X509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URIRichard Levitte
2019-09-28Reorganize local header filesDr. Matthias St. Pierre
2019-08-02Replace FUNCerr with ERR_raise_dataRich Salz
2019-07-22Deprecate SYSerr, add new FUNCerr macroRich Salz
2019-07-22Add ERR_put_func_error, and use it.Rich Salz
2019-06-26Move 'shared_sigalgs' from cert_st to ssl_stBenjamin Kaduk
2019-04-29Collapse ssl3_state_st (s3) into ssl_stTodd Short
2018-12-06Following the license change, modify the boilerplates in ssl/Richard Levitte
2018-11-12Separate ca_names handling for client and serverMatt Caswell
2018-11-10Unbreak SECLEVEL 3 regression causing it to not accept any ciphers.Tomas Mraz
2018-09-03Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_listRichard Levitte
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-22 13:07:42 +0000