summaryrefslogtreecommitdiff
path: root/lib/libcrypto/x509
AgeCommit message (Expand)Author
2022-11-29Add missing X509_V_ERR_UNSPECIFIED caseTheo Buehler
2022-11-29Fix some KNF issuesTheo Buehler
2022-11-29Make X509_verify_cert_error_string() thread safeTheo Buehler
2022-11-28Fix NULL dereference in x509_constraints_uri_host()Theo Buehler
2022-11-26Make header guards of internal headers consistentTheo Buehler
2022-11-26Make internal header file names consistentTheo Buehler
2022-11-17Revert "Check certificate extensions in trusted certificates"Bob Beck
2022-11-14Hide public symbols in libcrypto/x509 .c filesBob Beck
2022-11-13Fix comment styleTheo Buehler
2022-11-13Check certificate extensions in trusted certificates.Bob Beck
2022-11-12Hide symbols in libcrypto/pkcs7Bob Beck
2022-11-11Start CBS-ifying the name constraints code.Bob Beck
2022-11-10Allow explicit cert trusts or distrusts for EKU anyBob Beck
2022-11-07White space KNF, no code change:Ingo Schwarze
2022-10-17Store errors that result from leaf certificate verification.Joel Sing
2022-09-03Prepare to provide OPENSSL_cleanup.Joel Sing
2022-08-31Switch loop bounds from size_t to int in check_hosts()Theo Buehler
2022-08-18Allow empty attribute sets in CSRsTheo Buehler
2022-08-15Add missing RCS tag and zap a trailing spaceTheo Buehler
2022-08-05Remove overly aggressive trust check in legacy verifier that breaksBob Beck
2022-07-30Untangle two logic chains in x509_asid.c into something more readable.Theo Buehler
2022-07-24Plug leak in X509V3_add1_i2d()Theo Buehler
2022-07-12Remove mkerr.pl remnants from LibreSSLKlemens Nanni
2022-07-07Expose new API in headers.Theo Buehler
2022-07-05Add missing X509_V_ERR_ strings using the ones from OpenSSL.Theo Buehler
2022-07-04Prepare to provide X509_VERIFY_PARAM_get_time()Theo Buehler
2022-06-28Take away bogus error assignment before callback call.Bob Beck
2022-06-28Fix the legacy verifier callback behaviour for untrusted certs.Bob Beck
2022-06-27Correct misleading comment for URI parsingBob Beck
2022-06-27Add function to free all of the issuer cache.Bob Beck
2022-06-27Allow security_level to mestastasize into the verifierTheo Buehler
2022-06-27Prepare to provide X509_VERIFY_PARAM_set_auth_level()Theo Buehler
2022-06-26Fix URI name constraints, allow for URI's with no host part.Bob Beck
2022-06-26whitespaceTheo Buehler
2022-06-25Move leaf certificate checks to the last thing after chain validation.Bob Beck
2022-05-25Remove an unnecessary XXX comment. The suggested check is part ofTheo Buehler
2022-05-20Don't pass uninitialized pointer to ASN1_STRING_to_UTF8()Theo Buehler
2022-05-17Rewrite make_addressRange() using CBSTheo Buehler
2022-05-17Simplify make_addressPrefix()Theo Buehler
2022-05-12Small readability tweak suggested by jsingTheo Buehler
2022-05-12Rewrite and fix X509v3_asid_subset()Theo Buehler
2022-05-10X509_check_ca() has 5 return values but still can't failTheo Buehler
2022-05-09Simplify X509_ATTRIBUTE ASN.1 encoding.Joel Sing
2022-04-21Clarify comments at the start of {asid,addr}_validate_path_internal()Theo Buehler
2022-04-21Avoid expensive RFC 3779 checks during cert verificationTheo Buehler
2022-04-21Fix X509_get_extension_flags()Theo Buehler
2022-04-12KNF for a brace and zap trailing blank lineTheo Buehler
2022-03-26name constraints: be more careful with NULsTheo Buehler
2022-03-16Make gcc 4 happier about x509_addr.cTheo Buehler
2022-03-14Allow constraints of the form @domain.comTheo Buehler