summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_verify.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* When calling the legacy callback, ensure we catch the case where itbeck2021-09-091-2/+5
* Call the callback on success in new verifier in a compatible waybeck2021-09-031-10/+36
* Revert previous change that changed our default return for unable tobeck2021-08-301-11/+5
* Fix Jan's regress in openssl/x509 to do what it says it does,beck2021-08-301-5/+11
* Don't call the verify callback twice on success.beck2021-08-291-2/+1
* Get rid of historical code to extract the roots in the legacy case.beck2021-08-281-26/+29
* Remove the "dump_chain" flag and code. This was a workaround for a problem wherebeck2021-08-281-14/+3
* Pull roots out of the trust store in the legacy xsc when building chainsbeck2021-08-191-6/+14
* Add a check_trust call to the legacy chain validation on chain add, rememberingbeck2021-08-181-2/+10
* Refactor the legacy chain validation from the chain adding code into itsbeck2021-08-181-52/+70
* Use the x509_verify_cert_cache_extensions fuction instead of manuallybeck2021-07-121-9/+4
* Add a bunch of workarond in the verifier to support partial chains andbeck2021-07-101-15/+131
* Revert "Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in newtb2021-04-281-4/+1
* Use EXFLAG_INVALID to handle out of memory and parse errors intobhe2021-03-131-1/+5
* Fix checks of memory caps of constraints namestb2021-03-121-4/+7
* Set is_trusted in x509_verify_ctx_add_chain()tb2021-02-261-2/+2
* Rename depth to num_untrusted so it identifies what it actually represents.jsing2021-02-251-6/+6
* Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.jsing2021-02-251-3/+2
* Make the new validator check for EXFLAG_CRITICALtb2021-02-241-8/+15
* Set chain on xsc on chain build failure.jsing2021-01-091-1/+3
* Bail out early after finding an single chain if we are have been called frombeck2021-01-091-1/+9
* search the intermediates only after searching the root certs, clarifybeck2021-01-081-11/+15
* Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.jsing2021-01-051-1/+4
* Gracefully handle root certificates being both trusted and untrusted.jsing2021-01-051-3/+14
* Remove two reduntat memset calls.tb2020-12-161-3/+1
* Plug leak in x509_verify_chain_dup()tb2020-11-181-2/+2
* zap ugly empty line before closing bracetb2020-11-181-2/+1
* Use X509_V_OK instead of 0.jsing2020-11-161-4/+3
* Add back an X509_STORE_CTX error code assignment.jsing2020-11-161-2/+3
* Return the specific failure for a "self signed certificate" in the chainbeck2020-11-151-1/+14
* Handle additional certificate error cases in new X.509 verifier.jsing2020-11-111-11/+77
* Fix bad indent.jsing2020-11-031-7/+6
* Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.jsing2020-11-031-3/+17
* Add a safety net to ensure that we set an error on the store context.tb2020-10-261-1/+3
* If x509_verify() fails, ensure that the error is also set on the storetb2020-10-261-10/+15
* Make sure that x509_vfy_check_id() failure also sets ctx->error, not onlytb2020-10-261-3/+8
* Ensure leaf is set up on X509_STORE_CTX before verification.jsing2020-09-261-9/+7
* Ensure chain is set on the X509_STORE_CTX before triggering callback.jsing2020-09-231-12/+39
* remove superfluous NULL checkbeck2020-09-191-2/+2
* Make check in x509_verify_ctx_set_max_signatures() consistent with others.jsing2020-09-161-4/+2
* Dedup code in x509_verify_ctx_new_from_xsc().jsing2020-09-161-14/+7
* set error_depth and current_cert to make more legacy callbacks that don't checkbeck2020-09-151-1/+3
* Deduplicate the time validation code between the legacy and newbeck2020-09-151-2/+2
* Set error if we are given an NULL ctx in x509_verify, and set errorbeck2020-09-141-5/+3
* nuke a stray spacetb2020-09-141-2/+2
* remove unneded variable "time"beck2020-09-141-3/+2
* fix bug introduced on review where refactor made it possible tobeck2020-09-141-2/+2
* Correctly fix double free introduced on review.beck2020-09-141-2/+1
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-131-0/+914
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 07:15:15 +0000