openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove now empty/unused ext_dat.h	tb	2023-04-16	1	-67/+0
\|
*	Merge ext_dat.h back into x509_lib.c	tb	2023-04-16	1	-76/+1
\| \| \| \| \| \|	There is no point in having this in a separate internal header. discussed with jsing
*	Drop support for the ProxyCertInfo extension	tb	2023-04-16	1	-3/+2
\| \| \| \| \| \| \| \|	This removes the ProxyCertInfo extension from RFC 3820 from the list of supported extensions. Since it is a critical extension, this means that certificates containing it will no longer be considered valid by default. ok jsing
*	Add certificate transparency methods to the standard extensions.	tb	2021-11-24	1	-1/+7
\| \| \| \| \| \| \| \|	This way, CT extensions in certs will be parsed by the new CT code when they are encountered. This gets rid of a lot of gibberish when looking at a cert with 'openssl x509 -text -noout -in server.pem' ok beck jsing
*	Make v3_addr and v3_asid extern const	job	2021-09-02	1	-2/+2
\| \| \| \|	OK tb@
*	Lay groundwork to support X.509 v3 extensions for IP Addresses and AS ↵	job	2021-09-02	1	-1/+5
\| \| \| \| \| \| \| \| \| \| \|	Identifiers These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360). Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf) This changeset is a no-op, as there are 10+ issues and at least 2 security issues. Work will continue in-tree. OK tb@, discussed with beck@
*	Collapse the x509v3 directory into x509.	jsing	2020-06-04	1	-0/+133
	This avoids the need to grep across directories to find functions and prepares for further rototilling and chainsawing. Discussed with tb@ (who also tested the release build)