summaryrefslogtreecommitdiff
path: root/lib/libcrypto
AgeCommit message (Expand)Author
2020-10-12make fixed-sized fixed-value mib[] arrays be constTheo de Raadt
2020-10-09Fix leak or double free with OCSP_request_add0_id()Theo Buehler
2020-09-26Ensure leaf is set up on X509_STORE_CTX before verification.Joel Sing
2020-09-26jumping into the x509 fray with a bunch of whitespace repairTheo de Raadt
2020-09-25bump to LibreSSL 3.2.2 ahead of lockBrent Cook
2020-09-25KNF for a few comments and indent a labelTheo Buehler
2020-09-25Remove some dangling elses for consistency with the rest of the fileTheo Buehler
2020-09-25Simplify UI_new_method()Theo Buehler
2020-09-25Move variable declaration to the top of UI_set_result and ditchTheo Buehler
2020-09-25The default branch of a switch somehow got moved inside of a pointlessTheo Buehler
2020-09-25Simplify call to ERR_print_errors_cb()Theo Buehler
2020-09-24Error out if ok_chars and cancel_chars overlapTheo Buehler
2020-09-24Fix a number of leaks in the UI_dup_* functionsTheo Buehler
2020-09-24Push ERR_R_MALLOC_FAILURE onto the error stackTheo Buehler
2020-09-24Make free_strings() NULL safeTheo Buehler
2020-09-24KNF and grammar tweaks for comments; wrap a few overlong prototypes.Theo Buehler
2020-09-23Ensure chain is set on the X509_STORE_CTX before triggering callback.Joel Sing
2020-09-21Fix some line wrapping and other whitespace issues.Theo Buehler
2020-09-21Move freeing and zeroing up to right after the while loop.Theo Buehler
2020-09-20Avoid memleak caused by shadowingTheo Buehler
2020-09-20KNF/whitespace nitsTheo Buehler
2020-09-20Correct a 1 byte read overflow in x509_contraints_uri and addBob Beck
2020-09-20Fix a memory leak in x509_constraints_extract_namesTheo Buehler
2020-09-19remove superfluous NULL checkBob Beck
2020-09-18Fix potential overflow in CN subject line parsing, thanks toBob Beck
2020-09-17Add a comment saying that the public function NAME_CONSTRAINTS_check(3)Ingo Schwarze
2020-09-17Install the new page SSL_set1_host(3), link to it from relevant places,Ingo Schwarze
2020-09-16revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkBob Beck
2020-09-16noop NAME_CONSTRAINTS_check stubKinichiro Inoguchi
2020-09-16Make check in x509_verify_ctx_set_max_signatures() consistent with others.Joel Sing
2020-09-16Dedup code in x509_verify_ctx_new_from_xsc().Joel Sing
2020-09-15set error_depth and current_cert to make more legacy callbacks that don't checkBob Beck
2020-09-15Deduplicate the time validation code between the legacy and newBob Beck
2020-09-15ifdef out code that is no longer used in here. once we are certainBob Beck
2020-09-14simplify RETURN VALUES for x509_verify(3) after beck@ made the rulesIngo Schwarze
2020-09-14Add initial man page for new x509_verify chain validatorBob Beck
2020-09-14Set error if we are given an NULL ctx in x509_verify, and set errorBob Beck
2020-09-14nuke a stray spaceTheo Buehler
2020-09-14Fix potential leak when tmpext fails to be added toBob Beck
2020-09-14remove unneeded variable "type".Bob Beck
2020-09-14Don't leak names on successBob Beck
2020-09-14remove unneded variable "time1"Bob Beck
2020-09-14remove unneded variable "time"Bob Beck
2020-09-14fix bug introduced on review where refactor made it possible toBob Beck
2020-09-14re-enable new x509 chain verifier as the defaultBob Beck
2020-09-14Correctly fix double free introduced on review.Bob Beck
2020-09-14Fix double free - review moved the pop_free of roots to x509_verify_ctx_freeBob Beck
2020-09-14revert previous, need to fix a problemBob Beck
2020-09-14Enable the use of the new x509 chain validator by default.Bob Beck
2020-09-13Add new x509 certificate chain validator in x509_verify.cBob Beck