summaryrefslogtreecommitdiff
path: root/lib/libcrypto/x509
AgeCommit message (Expand)Author
2021-04-15Switch back to the legacy verifier for the release.Theo Buehler
2021-04-05Don't leak param->name in x509_verify_param_zero()Theo Buehler
2021-03-31Provide missing prototype for d2i_DSAPrivateKey_fp(3)Theo Buehler
2021-03-19Fix copy-paste error in previousTheo Buehler
2021-03-13Use EXFLAG_INVALID to handle out of memory and parse errors intobhe
2021-03-12Zap a useless variable.Theo Buehler
2021-03-12Missing void in function definitionTheo Buehler
2021-03-12Fix checks of memory caps of constraints namesTheo Buehler
2021-02-26Set is_trusted in x509_verify_ctx_add_chain()Theo Buehler
2021-02-25Fix two bugs in the legacy verifierTheo Buehler
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.Joel Sing
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.Joel Sing
2021-02-24Fix comment explaining last_untrusted. This should really be calledTheo Buehler
2021-02-24Make the new validator check for EXFLAG_CRITICALTheo Buehler
2021-02-11KNFTheo Buehler
2021-01-09Set chain on xsc on chain build failure.Joel Sing
2021-01-09Bail out early after finding an single chain if we are have been called fromBob Beck
2021-01-08search the intermediates only after searching the root certs, clarifyBob Beck
2021-01-05Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.Joel Sing
2021-01-05Gracefully handle root certificates being both trusted and untrusted.Joel Sing
2020-12-16Remove two reduntat memset calls.Theo Buehler
2020-12-16Fix some KNF issuesTheo Buehler
2020-12-08Fix a NULL dereference in GENERAL_NAME_cmp()Theo Buehler
2020-11-25Avoid undefined behavior due to memcpy(NULL, NULL, 0)Theo Buehler
2020-11-18Plug leak in x509_verify_chain_dup()Theo Buehler
2020-11-18Plug a big memory leak in the new validatorTheo Buehler
2020-11-18zap ugly empty line before closing braceTheo Buehler
2020-11-18Move freeing of the verify context to its natural place instead ofTheo Buehler
2020-11-18KNF (whitespace)Theo Buehler
2020-11-16Use X509_V_OK instead of 0.Joel Sing
2020-11-16Add back an X509_STORE_CTX error code assignment.Joel Sing
2020-11-15Return the specific failure for a "self signed certificate" in the chainBob Beck
2020-11-11Handle additional certificate error cases in new X.509 verifier.Joel Sing
2020-11-03Fix bad indent.Joel Sing
2020-11-03Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.Joel Sing
2020-10-26Add a safety net to ensure that we set an error on the store context.Theo Buehler
2020-10-26If x509_verify() fails, ensure that the error is also set on the storeTheo Buehler
2020-10-26Make sure that x509_vfy_check_id() failure also sets ctx->error, not onlyTheo Buehler
2020-09-26Ensure leaf is set up on X509_STORE_CTX before verification.Joel Sing
2020-09-26jumping into the x509 fray with a bunch of whitespace repairTheo de Raadt
2020-09-23Ensure chain is set on the X509_STORE_CTX before triggering callback.Joel Sing
2020-09-21Fix some line wrapping and other whitespace issues.Theo Buehler
2020-09-21Move freeing and zeroing up to right after the while loop.Theo Buehler
2020-09-20Avoid memleak caused by shadowingTheo Buehler
2020-09-20KNF/whitespace nitsTheo Buehler
2020-09-20Correct a 1 byte read overflow in x509_contraints_uri and addBob Beck
2020-09-20Fix a memory leak in x509_constraints_extract_namesTheo Buehler
2020-09-19remove superfluous NULL checkBob Beck
2020-09-18Fix potential overflow in CN subject line parsing, thanks toBob Beck
2020-09-16revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkBob Beck