aboutsummaryrefslogtreecommitdiff
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)AuthorFilesLines
2016-08-23Add some sanity checks when checking CRL scoresMatt Caswell1-2/+2
2016-08-19Constify certificate and CRL time routines.Dr. Stephen Henson1-9/+9
2016-08-05spelling fixes, just comments and readme.klemens1-1/+1
2016-08-03Don't check any revocation info on proxy certificatesRichard Levitte1-0/+3
2016-07-29Fix CRL time comparison.Dr. Stephen Henson1-1/+5
2016-07-26Remove current_method from X509_STORE_CTXDr. Stephen Henson1-1/+0
2016-07-25Add setter and getter for X509_STORE's check_policyRichard Levitte1-2/+5
2016-07-25Add getters / setters for the X509_STORE_CTX and X509_STORE functionsRichard Levitte1-14/+58
2016-07-22Use newest CRL.Dr. Stephen Henson1-6/+14
2016-07-12Perform DANE-EE(3) name checks by defaultViktor Dukhovni1-0/+4
2016-07-11Add nameConstraints commonName checking.Dr. Stephen Henson1-0/+4
2016-06-30Remove the envvar hack to enable proxy cert processingRichard Levitte1-6/+0
2016-06-29Whitespace cleanup in cryptoFdaSilvaYY1-1/+1
2016-06-20Fix proxy certificate pathlength verificationRichard Levitte1-4/+18
2016-06-20Check that the subject name in a proxy cert complies to RFC 3820Richard Levitte1-0/+73
2016-05-18Ensure verify error is set when X509_verify_cert() failsViktor Dukhovni1-9/+38
2016-05-17X509_STORE_CTX accessors.Rich Salz1-2/+2
2016-05-17Copyright consolidation 09/10Rich Salz1-54/+6
2016-05-09fix tab-space mixed indentationFdaSilvaYY1-3/+3
2016-05-03Drop duplicate ctx->verify_cb assignmentViktor Dukhovni1-4/+3
2016-04-28Implement X509_STORE_CTX_set_current_cert() accessorViktor Dukhovni1-0/+5
2016-04-27Future proof build_chain() in x509_vfy.cViktor Dukhovni1-1/+14
2016-04-25Added missing X509_STORE_CTX_set_error_depth() accessorViktor Dukhovni1-0/+5
2016-04-18Rename some lowercase API'sRich Salz1-2/+2
2016-04-16Add X509_STORE_CTX_set0_untrusted function.Dr. Stephen Henson1-0/+5
2016-04-15Make many X509_xxx types opaque.Rich Salz1-9/+35
2016-04-08Add SSL_DANE typedef for consistency.Rich Salz1-9/+9
2016-04-03Move peer chain security checks into x509_vfy.cViktor Dukhovni1-26/+134
2016-04-03Tidy up x509_vfy callback handlingViktor Dukhovni1-286/+217
2016-03-29Require intermediate CAs to have basicConstraints CA:true.Viktor Dukhovni1-1/+2
2016-03-20Add a comment on dane_verify() logicViktor Dukhovni1-1/+13
2016-03-08Convert CRYPTO_LOCK_X509_* to new multi-threading APIAlessandro Ghedini1-1/+2
2016-02-10Deprecate the -issuer_checks debugging optionViktor Dukhovni1-10/+1
2016-02-08Suppress DANE TLSA reflection when verification failsViktor Dukhovni1-5/+3
2016-02-05GH601: Various spelling fixes.FdaSilvaYY1-2/+2
2016-02-05Ensure correct chain depth for policy checks with DANE bare key TAViktor Dukhovni1-0/+19
2016-02-05Long overdue cleanup of X509 policy tree verificationViktor Dukhovni1-3/+7
2016-01-31Compat self-signed trust with reject-only aux dataViktor Dukhovni1-7/+19
2016-01-31Check chain extensions also for trusted certificatesViktor Dukhovni1-33/+85
2016-01-26Remove /* foo.c */ commentsRich Salz1-1/+0
2016-01-20Check Suite-B constraints with EE DANE recordsViktor Dukhovni1-24/+31
2016-01-18Drop cached certificate signature validity flagViktor Dukhovni1-5/+1
2016-01-15Add lookup_certs for a trusted stack.Dr. Stephen Henson1-0/+21
2016-01-14Cosmetic polish for last-resort depth 0 checkViktor Dukhovni1-5/+5
2016-01-14Fix last-resort depth 0 check when the chain has multiple certificatesViktor Dukhovni1-4/+9
2016-01-14Always initialize X509_STORE_CTX get_crl pointerViktor Dukhovni1-0/+2
2016-01-07DANE support for X509_verify_cert()Viktor Dukhovni1-9/+399
2016-01-05DANE support structures, constructructors and accessorsViktor Dukhovni1-0/+7
2016-01-03Fix X509_STORE_CTX_cleanup()Viktor Dukhovni1-17/+21
2016-01-03X509_verify_cert() cleanupViktor Dukhovni1-343/+396
generated by cgit v1.1 at 2024-07-13 02:35:51 +0000