summaryrefslogtreecommitdiff
path: root/lib/libcrypto
AgeCommit message (Expand)Author
2020-09-25Move variable declaration to the top of UI_set_result and ditchTheo Buehler
2020-09-25The default branch of a switch somehow got moved inside of a pointlessTheo Buehler
2020-09-25Simplify call to ERR_print_errors_cb()Theo Buehler
2020-09-24Error out if ok_chars and cancel_chars overlapTheo Buehler
2020-09-24Fix a number of leaks in the UI_dup_* functionsTheo Buehler
2020-09-24Push ERR_R_MALLOC_FAILURE onto the error stackTheo Buehler
2020-09-24Make free_strings() NULL safeTheo Buehler
2020-09-24KNF and grammar tweaks for comments; wrap a few overlong prototypes.Theo Buehler
2020-09-23Ensure chain is set on the X509_STORE_CTX before triggering callback.Joel Sing
2020-09-21Fix some line wrapping and other whitespace issues.Theo Buehler
2020-09-21Move freeing and zeroing up to right after the while loop.Theo Buehler
2020-09-20Avoid memleak caused by shadowingTheo Buehler
2020-09-20KNF/whitespace nitsTheo Buehler
2020-09-20Correct a 1 byte read overflow in x509_contraints_uri and addBob Beck
2020-09-20Fix a memory leak in x509_constraints_extract_namesTheo Buehler
2020-09-19remove superfluous NULL checkBob Beck
2020-09-18Fix potential overflow in CN subject line parsing, thanks toBob Beck
2020-09-17Add a comment saying that the public function NAME_CONSTRAINTS_check(3)Ingo Schwarze
2020-09-17Install the new page SSL_set1_host(3), link to it from relevant places,Ingo Schwarze
2020-09-16revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkBob Beck
2020-09-16noop NAME_CONSTRAINTS_check stubKinichiro Inoguchi
2020-09-16Make check in x509_verify_ctx_set_max_signatures() consistent with others.Joel Sing
2020-09-16Dedup code in x509_verify_ctx_new_from_xsc().Joel Sing
2020-09-15set error_depth and current_cert to make more legacy callbacks that don't checkBob Beck
2020-09-15Deduplicate the time validation code between the legacy and newBob Beck
2020-09-15ifdef out code that is no longer used in here. once we are certainBob Beck
2020-09-14simplify RETURN VALUES for x509_verify(3) after beck@ made the rulesIngo Schwarze
2020-09-14Add initial man page for new x509_verify chain validatorBob Beck
2020-09-14Set error if we are given an NULL ctx in x509_verify, and set errorBob Beck
2020-09-14nuke a stray spaceTheo Buehler
2020-09-14Fix potential leak when tmpext fails to be added toBob Beck
2020-09-14remove unneeded variable "type".Bob Beck
2020-09-14Don't leak names on successBob Beck
2020-09-14remove unneded variable "time1"Bob Beck
2020-09-14remove unneded variable "time"Bob Beck
2020-09-14fix bug introduced on review where refactor made it possible toBob Beck
2020-09-14re-enable new x509 chain verifier as the defaultBob Beck
2020-09-14Correctly fix double free introduced on review.Bob Beck
2020-09-14Fix double free - review moved the pop_free of roots to x509_verify_ctx_freeBob Beck
2020-09-14revert previous, need to fix a problemBob Beck
2020-09-14Enable the use of the new x509 chain validator by default.Bob Beck
2020-09-13Add new x509 certificate chain validator in x509_verify.cBob Beck
2020-09-12Unindent a bit of code that performs a few too many checks toTheo Buehler
2020-09-12Avoid an out-of-bounds access in BN_rand()Theo Buehler
2020-09-12Change over to use the new x509 name constraints verification.Bob Beck
2020-09-12Include machine/endian.h in gost2814789.cKinichiro Inoguchi
2020-09-11Add x509_constraints.c - a new implementation of x509 name constraints, withBob Beck
2020-09-11Add issuer cache, to be used by upcoming changes to validation code.Bob Beck
2020-09-09Import latest OPENSSL_NO_* flags from OpenSSL 1.1.1gKinichiro Inoguchi
2020-09-08Mention that EC_KEY_get0_public_key returns a public key.Theo Buehler