index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
lib
/
libcrypto
/
x509
/
x509_verify.c
Age
Commit message (
Expand
)
Author
2023-05-07
Remove a misplaced empty line
Theo Buehler
2023-04-28
Enable policy checking by default now that we are DAG implementation based.
Bob Beck
2023-04-16
Remove some dead code from the new verifier
Theo Buehler
2023-01-20
Refactor x509v3_cache_extensions
Job Snijders
2023-01-17
Don't do policy checking unless we were asked to do so.
Bob Beck
2022-10-17
Store errors that result from leaf certificate verification.
Joel Sing
2022-08-05
Remove overly aggressive trust check in legacy verifier that breaks
Bob Beck
2022-06-28
Take away bogus error assignment before callback call.
Bob Beck
2022-06-28
Fix the legacy verifier callback behaviour for untrusted certs.
Bob Beck
2022-06-27
Allow security_level to mestastasize into the verifier
Theo Buehler
2022-06-25
Move leaf certificate checks to the last thing after chain validation.
Bob Beck
2022-04-12
KNF for a brace and zap trailing blank line
Theo Buehler
2021-11-24
In some situations, the verifier would discard the error on an unvalidated
Bob Beck
2021-11-14
Put curly brace on the correct line.
Joel Sing
2021-11-07
In X509_STORE_CTX rename the misnamed last_untrusted to num_untrusted
Theo Buehler
2021-11-04
Cache sha512 hash and parsed not_before and not_after with X509 cert.
Bob Beck
2021-10-26
Add RFC 3779 checks to both legacy and new verifier
Job Snijders
2021-09-09
When calling the legacy callback, ensure we catch the case where it
Bob Beck
2021-09-03
Call the callback on success in new verifier in a compatible way
Bob Beck
2021-08-30
Revert previous change that changed our default return for unable to
Bob Beck
2021-08-30
Fix Jan's regress in openssl/x509 to do what it says it does,
Bob Beck
2021-08-29
Don't call the verify callback twice on success.
Bob Beck
2021-08-28
Get rid of historical code to extract the roots in the legacy case.
Bob Beck
2021-08-28
Remove the "dump_chain" flag and code. This was a workaround for a problem where
Bob Beck
2021-08-19
Pull roots out of the trust store in the legacy xsc when building chains
Bob Beck
2021-08-18
Add a check_trust call to the legacy chain validation on chain add, remembering
Bob Beck
2021-08-18
Refactor the legacy chain validation from the chain adding code into its
Bob Beck
2021-07-12
Use the x509_verify_cert_cache_extensions fuction instead of manually
Bob Beck
2021-07-10
Add a bunch of workarond in the verifier to support partial chains and
Bob Beck
2021-04-28
Revert "Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new
Theo Buehler
2021-03-13
Use EXFLAG_INVALID to handle out of memory and parse errors in
tobhe
2021-03-12
Fix checks of memory caps of constraints names
Theo Buehler
2021-02-26
Set is_trusted in x509_verify_ctx_add_chain()
Theo Buehler
2021-02-25
Rename depth to num_untrusted so it identifies what it actually represents.
Joel Sing
2021-02-25
Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.
Joel Sing
2021-02-24
Make the new validator check for EXFLAG_CRITICAL
Theo Buehler
2021-01-09
Set chain on xsc on chain build failure.
Joel Sing
2021-01-09
Bail out early after finding an single chain if we are have been called from
Bob Beck
2021-01-08
search the intermediates only after searching the root certs, clarify
Bob Beck
2021-01-05
Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.
Joel Sing
2021-01-05
Gracefully handle root certificates being both trusted and untrusted.
Joel Sing
2020-12-16
Remove two reduntat memset calls.
Theo Buehler
2020-11-18
Plug leak in x509_verify_chain_dup()
Theo Buehler
2020-11-18
zap ugly empty line before closing brace
Theo Buehler
2020-11-16
Use X509_V_OK instead of 0.
Joel Sing
2020-11-16
Add back an X509_STORE_CTX error code assignment.
Joel Sing
2020-11-15
Return the specific failure for a "self signed certificate" in the chain
Bob Beck
2020-11-11
Handle additional certificate error cases in new X.509 verifier.
Joel Sing
2020-11-03
Fix bad indent.
Joel Sing
2020-11-03
Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.
Joel Sing
[next]