summaryrefslogtreecommitdiff
path: root/lib/libcrypto/x509
AgeCommit message (Expand)Author
2020-11-18Move freeing of the verify context to its natural place instead ofTheo Buehler
2020-11-18KNF (whitespace)Theo Buehler
2020-11-16Use X509_V_OK instead of 0.Joel Sing
2020-11-16Add back an X509_STORE_CTX error code assignment.Joel Sing
2020-11-15Return the specific failure for a "self signed certificate" in the chainBob Beck
2020-11-11Handle additional certificate error cases in new X.509 verifier.Joel Sing
2020-11-03Fix bad indent.Joel Sing
2020-11-03Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.Joel Sing
2020-10-26Add a safety net to ensure that we set an error on the store context.Theo Buehler
2020-10-26If x509_verify() fails, ensure that the error is also set on the storeTheo Buehler
2020-10-26Make sure that x509_vfy_check_id() failure also sets ctx->error, not onlyTheo Buehler
2020-09-26Ensure leaf is set up on X509_STORE_CTX before verification.Joel Sing
2020-09-26jumping into the x509 fray with a bunch of whitespace repairTheo de Raadt
2020-09-23Ensure chain is set on the X509_STORE_CTX before triggering callback.Joel Sing
2020-09-21Fix some line wrapping and other whitespace issues.Theo Buehler
2020-09-21Move freeing and zeroing up to right after the while loop.Theo Buehler
2020-09-20Avoid memleak caused by shadowingTheo Buehler
2020-09-20KNF/whitespace nitsTheo Buehler
2020-09-20Correct a 1 byte read overflow in x509_contraints_uri and addBob Beck
2020-09-20Fix a memory leak in x509_constraints_extract_namesTheo Buehler
2020-09-19remove superfluous NULL checkBob Beck
2020-09-18Fix potential overflow in CN subject line parsing, thanks toBob Beck
2020-09-16revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkBob Beck
2020-09-16noop NAME_CONSTRAINTS_check stubKinichiro Inoguchi
2020-09-16Make check in x509_verify_ctx_set_max_signatures() consistent with others.Joel Sing
2020-09-16Dedup code in x509_verify_ctx_new_from_xsc().Joel Sing
2020-09-15set error_depth and current_cert to make more legacy callbacks that don't checkBob Beck
2020-09-15Deduplicate the time validation code between the legacy and newBob Beck
2020-09-15ifdef out code that is no longer used in here. once we are certainBob Beck
2020-09-14Set error if we are given an NULL ctx in x509_verify, and set errorBob Beck
2020-09-14nuke a stray spaceTheo Buehler
2020-09-14Fix potential leak when tmpext fails to be added toBob Beck
2020-09-14remove unneeded variable "type".Bob Beck
2020-09-14Don't leak names on successBob Beck
2020-09-14remove unneded variable "time1"Bob Beck
2020-09-14remove unneded variable "time"Bob Beck
2020-09-14fix bug introduced on review where refactor made it possible toBob Beck
2020-09-14re-enable new x509 chain verifier as the defaultBob Beck
2020-09-14Correctly fix double free introduced on review.Bob Beck
2020-09-14Fix double free - review moved the pop_free of roots to x509_verify_ctx_freeBob Beck
2020-09-14revert previous, need to fix a problemBob Beck
2020-09-14Enable the use of the new x509 chain validator by default.Bob Beck
2020-09-13Add new x509 certificate chain validator in x509_verify.cBob Beck
2020-09-12Change over to use the new x509 name constraints verification.Bob Beck
2020-09-11Add x509_constraints.c - a new implementation of x509 name constraints, withBob Beck
2020-09-11Add issuer cache, to be used by upcoming changes to validation code.Bob Beck
2020-06-05Remove remaining error *_str_functs[]Joel Sing
2020-06-05One error file per directory is plenty.Joel Sing
2020-06-04Collapse the x509v3 directory into x509.Joel Sing
2020-05-31When building a chain look for non-expired certificates first.Joel Sing
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-22 16:55:09 +0000