summaryrefslogtreecommitdiffstats
path: root/ssl/ssl_cert.c
AgeCommit message (Expand)Author
2022-04-27Add SSL_(CTX_)?get0_(verify|chain)_cert_store functionsHugo Landau
2022-03-15Update copyright yearMatt Caswell
2022-03-02[ssl] Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3Nicola Tuveri
2022-03-02[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH aliasNicola Tuveri
2021-12-14Fix invalid handling of verify errors in libsslMatt Caswell
2021-11-16BIO_read_filename: fix return checkPeiwei Hu
2021-06-23cross-reference the DH and RSA SECLEVEL to level of security mappingsHubert Kario
2021-06-19ssl: do not choose auto DH groups that are weaker than the security levelPauli
2021-03-03Fix NULL access in ssl_build_cert_chain() when ctx is NULL.Shane Lontis
2021-02-05Remove OPENSSL_NO_DH guards from libsslMatt Caswell
2021-01-28Update copyright yearRichard Levitte
2021-01-13Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1Dr. David von Oheimb
2020-11-18Only disabled what we need to in a no-dh buildMatt Caswell
2020-11-11SSL: refactor all SSLfatal() callsRichard Levitte
2020-11-11Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() callRichard Levitte
2020-10-15Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre
2020-10-01Run the withlibctx.pl scriptMatt Caswell
2020-09-13Fix safestack issues in x509.hMatt Caswell
2020-07-24Add X509 related libctx changes.Shane Lontis
2020-05-15SSL: refactor ssl_cert_lookup_by_pkey() to work with provider side keysRichard Levitte
2020-04-30coverity 1462581 Dereference after null checkPauli
2020-04-24In OpenSSL builds, declare STACK for datatypes ...Rich Salz
2020-04-23Update copyright yearMatt Caswell
2020-04-08Use X509_STORE_CTX_new_with_libctx() in libsslMatt Caswell
2020-03-30Explicitly cache X509v3 extensions in libsslMatt Caswell
2019-11-12SSL: Document SSL_add_{file,dir,store}_cert_subjects_to_stack()Richard Levitte
2019-11-03X509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URIRichard Levitte
2019-09-28Reorganize local header filesDr. Matthias St. Pierre
2019-08-02Replace FUNCerr with ERR_raise_dataRich Salz
2019-07-22Deprecate SYSerr, add new FUNCerr macroRich Salz
2019-07-22Add ERR_put_func_error, and use it.Rich Salz
2019-06-26Move 'shared_sigalgs' from cert_st to ssl_stBenjamin Kaduk
2019-04-29Collapse ssl3_state_st (s3) into ssl_stTodd Short
2018-12-06Following the license change, modify the boilerplates in ssl/Richard Levitte
2018-11-12Separate ca_names handling for client and serverMatt Caswell
2018-11-10Unbreak SECLEVEL 3 regression causing it to not accept any ciphers.Tomas Mraz
2018-09-03Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_listRichard Levitte
2018-08-22Allow TLS-1.3 ciphersuites in @SECLEVEL=3 and aboveTomas Mraz
2018-07-18Check that the public key OID matches the sig algMatt Caswell
2018-03-27Allow NULL for some _free routines.Rich Salz
2018-03-27Remove some code for a contributor that we cannot findMatt Caswell
2018-01-09Update copyright years on all files merged since Jan 1st 2018Richard Levitte
2018-01-08Avoid only exact duplicates when creating the accepted CA names listTomas Mraz
2017-12-07Consistent formatting for sizeof(foo)Rich Salz
2017-10-26Simplify the stack reservationPaul Yang
2017-10-20Various clean-upsKaoruToda
2017-10-18Remove parentheses of return.KaoruToda
2017-10-10crypto/x509v3/v3_utl.c, ssl/ssl_cert.c: fix Coverity problems.Andy Polyakov
2017-09-29Remove unnecessary #include <openssl/lhash.h> directives.Pauli
2017-09-28Add stack space reservations.Pauli