summaryrefslogtreecommitdiff
path: root/lib/libcrypto
AgeCommit message (Expand)Author
2021-02-12Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@Stuart Henderson
2021-02-11KNFTheo Buehler
2021-02-03Add OID for draft-ietf-opsawg-finding-geofeedsjob
2021-02-02Add a bunch of RPKI OIDsjob
2021-01-09Set chain on xsc on chain build failure.Joel Sing
2021-01-09Bail out early after finding an single chain if we are have been called fromBob Beck
2021-01-08search the intermediates only after searching the root certs, clarifyBob Beck
2021-01-05Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.Joel Sing
2021-01-05Gracefully handle root certificates being both trusted and untrusted.Joel Sing
2021-01-05double word fix; from martin vahlensieckJason McIntyre
2020-12-16Remove two reduntat memset calls.Theo Buehler
2020-12-16Avoid potential use of uninitialized in ASN1_time_parseTheo Buehler
2020-12-16Fix some KNF issuesTheo Buehler
2020-12-08LibreSSL 3.3.1Brent Cook
2020-12-08Fix a NULL dereference in GENERAL_NAME_cmp()Theo Buehler
2020-12-04Move point-on-curve check to set_affine_coordinatesTheo Buehler
2020-12-03grammar fixes from Varik "The Genuine Article!!!" Valefor;Jason McIntyre
2020-11-25Avoid undefined behavior due to memcpy(NULL, NULL, 0)Theo Buehler
2020-11-18Plug leak in x509_verify_chain_dup()Theo Buehler
2020-11-18Plug a big memory leak in the new validatorTheo Buehler
2020-11-18zap ugly empty line before closing braceTheo Buehler
2020-11-18Move freeing of the verify context to its natural place instead ofTheo Buehler
2020-11-18KNF (whitespace)Theo Buehler
2020-11-18bump to 3.3.0Brent Cook
2020-11-16Use X509_V_OK instead of 0.Joel Sing
2020-11-16Add back an X509_STORE_CTX error code assignment.Joel Sing
2020-11-15Return the specific failure for a "self signed certificate" in the chainBob Beck
2020-11-11Handle additional certificate error cases in new X.509 verifier.Joel Sing
2020-11-11Update getentropy on Windows to use Cryptography Next Generation (CNG).Brent Cook
2020-11-03Fix bad indent.Joel Sing
2020-11-03Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.Joel Sing
2020-11-02typo: ASN1_parse_time -> ASN1_time_parseTheo Buehler
2020-10-26Add a safety net to ensure that we set an error on the store context.Theo Buehler
2020-10-26If x509_verify() fails, ensure that the error is also set on the storeTheo Buehler
2020-10-26Make sure that x509_vfy_check_id() failure also sets ctx->error, not onlyTheo Buehler
2020-10-21Stop documenting some functions as macros.Theo Buehler
2020-10-12make fixed-sized fixed-value mib[] arrays be constTheo de Raadt
2020-10-09Fix leak or double free with OCSP_request_add0_id()Theo Buehler
2020-09-26Ensure leaf is set up on X509_STORE_CTX before verification.Joel Sing
2020-09-26jumping into the x509 fray with a bunch of whitespace repairTheo de Raadt
2020-09-25bump to LibreSSL 3.2.2 ahead of lockBrent Cook
2020-09-25KNF for a few comments and indent a labelTheo Buehler
2020-09-25Remove some dangling elses for consistency with the rest of the fileTheo Buehler
2020-09-25Simplify UI_new_method()Theo Buehler
2020-09-25Move variable declaration to the top of UI_set_result and ditchTheo Buehler
2020-09-25The default branch of a switch somehow got moved inside of a pointlessTheo Buehler
2020-09-25Simplify call to ERR_print_errors_cb()Theo Buehler
2020-09-24Error out if ok_chars and cancel_chars overlapTheo Buehler
2020-09-24Fix a number of leaks in the UI_dup_* functionsTheo Buehler
2020-09-24Push ERR_R_MALLOC_FAILURE onto the error stackTheo Buehler