| Age | Commit message (Expand) | Author |
|---|
| 2019-03-06 | Typo in comment. | Theo Buehler |
| 2018-08-19 | Don't leak sktmp in X509_verify_cert(). | Theo Buehler |
| 2018-04-08 | Fail early if an X509_VERIFY_PARAM is poisoned - don't allow | Bob Beck |
| 2018-04-06 | poison for X509_VERIFY_PARAM's | Bob Beck |
| 2018-02-22 | Provide X509_STORE_CTX_get0_chain() and X509_STORE_CTX_get0_store(). | Joel Sing |
| 2018-02-14 | Provide X509_STORE_CTX_get0_{cert,untrusted}() and | Joel Sing |
| 2017-08-27 | Make the symbol for ASN1_time_tm_clamp_notafter visible so libtls | Bob Beck |
| 2017-08-13 | Add ability to clamp a notafter to values representable in a 32 bit time_t | Bob Beck |
| 2017-04-28 | Revert previous change that forced consistency between return value and | Bob Beck |
| 2017-04-28 | revert previous accidental commit | Bob Beck |
| 2017-04-28 | *** empty log message *** | Bob Beck |
| 2017-02-05 | Kill leak introduced with refactor | Bob Beck |
| 2017-01-29 | Send the function codes from the error functions to the bit bucket, | Bob Beck |
| 2017-01-21 | fix bogus comment | Bob Beck |
| 2017-01-21 | Make return value of X509_verify_cert be consistent with the error code, | Bob Beck |
| 2017-01-20 | Rework internal_verify, mostly from OpenSSL. so we can progress | Bob Beck |
| 2017-01-07 | Add and remove some blank lines, in order to make X509_verify_cert() | Joel Sing |
| 2017-01-07 | Revert part of r1.54 as there are at least two situations where we are still | Joel Sing |
| 2017-01-03 | Add a small bit of belt and suspenders around ERR_V_OK with X509_STORE_ctx | Bob Beck |
| 2017-01-03 | bring in boring's internal check_trust function to fix a bug introduced | Bob Beck |
| 2016-11-06 | Rework X509_verify_cert to support alt chains on certificate verification, | Bob Beck |
| 2016-11-04 | make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden | Bob Beck |
| 2016-10-02 | In X509_cmp_time(), pass asn1_time_parse() the tag of the field being | Philip Guenther |
| 2016-03-11 | X509_free(3) is NULL-safe, so remove NULL checks before its calls. | Michael McConville |
| 2015-12-14 | initialize ok to 0 | Bob Beck |
| 2015-10-19 | Stop supporing "legcay" time formats that OpenSSL supports. Rewrite the | Bob Beck |
| 2015-10-02 | Flense the greasy black guts of unreadble string parsing code out of three areas | Bob Beck |
| 2015-09-14 | Add support for disabling certificate and CRL validity checking. | Joel Sing |
| 2015-07-19 | Now that it is safe to invoke X509_STORE_CTX_cleanup() if X509_STORE_CTX_init() | Miod Vallat |
| 2015-07-19 | Simplify X509_STORE_CTX_init and make it safe with stack variables. | Doug Hogan |
| 2015-06-11 | Avoid a potential out-of-bounds read in X509_cmp_time(), due to missing | Joel Sing |
| 2015-04-11 | Remove all getenv() calls, especially those wrapped by issetugid(). | Theo de Raadt |
| 2015-02-11 | More unifdef OPENSSL_NO_RFC3779 that got missed last time around. | Joel Sing |
| 2015-02-10 | The IMPLEMENT_STACK_OF and IMPLEMENT_ASN1_SET_OF macros were turned into | Joel Sing |
| 2014-09-29 | check_cert(): be sure to reset ctx->current_crl to NULL before freeing it. | Miod Vallat |
| 2014-07-17 | Free sktmp when it's no longer needed. By doing so, we fix a bunch of memory ... | Loganaden Velvindron |
| 2014-07-12 | jsing and I are investigating removal of all? most? 'getenv from library' | Theo de Raadt |
| 2014-07-12 | Principle of least surprise: make CMAC_CTX_free(), OCSP_REQ_CTX_free() and | Miod Vallat |
| 2014-07-11 | When looking for the issuer of a certificate, if the current candidate is | Miod Vallat |
| 2014-07-11 | Only import cryptlib.h in the four source files that actually need it. | Joel Sing |
| 2014-07-10 | Explicitly include <openssl/opensslconf.h> in every file that references | Joel Sing |
| 2014-07-10 | Stop including standard headers via cryptlib.h - pull in the headers that | Joel Sing |
| 2014-07-09 | remove unused, private version strings except SSL_version_str | Brent Cook |
| 2014-06-20 | wrap getenv OPENSSL_ALLOW_PROXY_CERTS in an issetugid check, to protect | Theo de Raadt |
| 2014-06-19 | check stack push return and make some effort to clean up. ok beck miod | Ted Unangst |
| 2014-06-12 | tags as requested by miod and tedu | Theo de Raadt |
| 2014-05-25 | calloc instead of malloc/memset. from Benjamin Baier | Ted Unangst |
| 2014-04-20 | KNF. | Joel Sing |
| 2014-04-18 | blunt force knf | Ted Unangst |
| 2014-04-17 | Change library to use intrinsic memory allocation functions instead of | Bob Beck |
