| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
that we know that it only returns 0 or 1. Eliminate the last uses
of X509_LU_{FAIL,RETRY}.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
Initialize stmp.type and stmp.data.ptr so that a user-defined lookup
method need not take responsibility of initializing those. Get rid of
current_method, which was never really used. Stop potentially returning
a negative value since most callers assume Boolean return values already.
In addition, garbage collect the pointless j variable.
ok jsing
|
| |
|
|
|
|
|
|
| |
for a NULL ctx->ctx in the lookup functions using X509_STORE_CTX.
This affects X509_STORE_get1_certs(), X509_STORE_get1_crls(),
X509_STORE_CTX_get1_issuer() and X509_STORE_get_by_subject().
With this X509_verify_cert() no longer crashes with a NULL store.
With and OK tb@
|
| |
|
|
|
|
|
| |
Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387
tested in a bulk by sthen
ok jsing
|
| |
|
|
|
|
|
| |
X509_LOOKUP_by_fingerprint() 'const unsigned char *bytes'.
tested in a bulk build by sthen
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
(which we don't have) it returns a plain int.
ok jsing
|
| |
|
|
| |
X509_STORE_set_ex_data().
|
| | |
|
| | |
|
| |
|
|
|
|
| |
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
| |
|
|
| |
object in the error path - we don't own it.
|
| |
|
|
|
|
|
| |
to push in that case. While there replace an inline version of
X509_OBJECT_free_contents() by a call to said function.
ok beck@
|
| |
|
|
|
|
|
|
|
| |
Based on this upstream commit: bff9ce4db38b297c72a6d84617d71ae2934450f7
which didn't make it into a release until 1.0.2.
Thanks to william at 25thandclement dot com for reporting this!
ok deraadt@ jsing@ beck@
|
| |
|
|
| |
15 years.
|
| |
|
|
|
|
|
| |
X509_STORE_get1_certs(), X509_STORE_get1_crls(): check the result of
allocations.
ok tedu@
|
| |
|
|
|
|
|
| |
expired or not valid yet, continue looking; only return an expired certificate
if no valid certificates have been found.
OpenSSL PR #3359 via OpenSSL trunk.
|
| |
|
|
|
|
|
|
| |
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
| | |
|
| |
|
|
| |
ok miod
|
| | |
|
| | |
|
| |
|
|
| |
ok miod@
|
| |
|
|
| |
ok miod@ looks good deraadt@
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
