index
:
openbsd
OPENBSD_2_0
OPENBSD_2_1
OPENBSD_2_2
OPENBSD_2_3
OPENBSD_2_4
OPENBSD_2_5
OPENBSD_2_6
OPENBSD_2_7
OPENBSD_2_8
OPENBSD_2_9
OPENBSD_3_0
OPENBSD_3_1
OPENBSD_3_2
OPENBSD_3_3
OPENBSD_3_4
OPENBSD_3_5
OPENBSD_3_6
OPENBSD_3_7
OPENBSD_3_8
OPENBSD_3_9
OPENBSD_4_0
OPENBSD_4_1
OPENBSD_4_2
OPENBSD_4_3
OPENBSD_4_4
OPENBSD_4_5
OPENBSD_4_6
OPENBSD_4_7
OPENBSD_4_8
OPENBSD_4_9
OPENBSD_5_0
OPENBSD_5_1
OPENBSD_5_2
OPENBSD_5_3
OPENBSD_5_4
OPENBSD_5_5
OPENBSD_5_6
OPENBSD_5_7
OPENBSD_5_8
OPENBSD_5_9
OPENBSD_6_0
OPENBSD_6_1
OPENBSD_6_2
OPENBSD_6_3
OPENBSD_6_4
OPENBSD_6_5
OPENBSD_6_6
OPENBSD_6_7
OPENBSD_6_8
OPENBSD_6_9
OPENBSD_7_0
OPENBSD_7_1
OPENBSD_7_2
OPENBSD_7_3
OPENBSD_7_4
OPENBSD_7_5
OPENBSD_7_6
OPENBSD_7_7
master
A mirror of https://github.com/libressl/openbsd.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
lib
/
libcrypto
/
x509
/
x509_verify.c
(
follow
)
Commit message (
Expand
)
Author
Age
Files
Lines
*
Use EXFLAG_INVALID to handle out of memory and parse errors in
tobhe
2021-03-13
1
-1
/
+5
*
Fix checks of memory caps of constraints names
tb
2021-03-12
1
-4
/
+7
*
Set is_trusted in x509_verify_ctx_add_chain()
tb
2021-02-26
1
-2
/
+2
*
Rename depth to num_untrusted so it identifies what it actually represents.
jsing
2021-02-25
1
-6
/
+6
*
Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.
jsing
2021-02-25
1
-3
/
+2
*
Make the new validator check for EXFLAG_CRITICAL
tb
2021-02-24
1
-8
/
+15
*
Set chain on xsc on chain build failure.
jsing
2021-01-09
1
-1
/
+3
*
Bail out early after finding an single chain if we are have been called from
beck
2021-01-09
1
-1
/
+9
*
search the intermediates only after searching the root certs, clarify
beck
2021-01-08
1
-11
/
+15
*
Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.
jsing
2021-01-05
1
-1
/
+4
*
Gracefully handle root certificates being both trusted and untrusted.
jsing
2021-01-05
1
-3
/
+14
*
Remove two reduntat memset calls.
tb
2020-12-16
1
-3
/
+1
*
Plug leak in x509_verify_chain_dup()
tb
2020-11-18
1
-2
/
+2
*
zap ugly empty line before closing brace
tb
2020-11-18
1
-2
/
+1
*
Use X509_V_OK instead of 0.
jsing
2020-11-16
1
-4
/
+3
*
Add back an X509_STORE_CTX error code assignment.
jsing
2020-11-16
1
-2
/
+3
*
Return the specific failure for a "self signed certificate" in the chain
beck
2020-11-15
1
-1
/
+14
*
Handle additional certificate error cases in new X.509 verifier.
jsing
2020-11-11
1
-11
/
+77
*
Fix bad indent.
jsing
2020-11-03
1
-7
/
+6
*
Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.
jsing
2020-11-03
1
-3
/
+17
*
Add a safety net to ensure that we set an error on the store context.
tb
2020-10-26
1
-1
/
+3
*
If x509_verify() fails, ensure that the error is also set on the store
tb
2020-10-26
1
-10
/
+15
*
Make sure that x509_vfy_check_id() failure also sets ctx->error, not only
tb
2020-10-26
1
-3
/
+8
*
Ensure leaf is set up on X509_STORE_CTX before verification.
jsing
2020-09-26
1
-9
/
+7
*
Ensure chain is set on the X509_STORE_CTX before triggering callback.
jsing
2020-09-23
1
-12
/
+39
*
remove superfluous NULL check
beck
2020-09-19
1
-2
/
+2
*
Make check in x509_verify_ctx_set_max_signatures() consistent with others.
jsing
2020-09-16
1
-4
/
+2
*
Dedup code in x509_verify_ctx_new_from_xsc().
jsing
2020-09-16
1
-14
/
+7
*
set error_depth and current_cert to make more legacy callbacks that don't check
beck
2020-09-15
1
-1
/
+3
*
Deduplicate the time validation code between the legacy and new
beck
2020-09-15
1
-2
/
+2
*
Set error if we are given an NULL ctx in x509_verify, and set error
beck
2020-09-14
1
-5
/
+3
*
nuke a stray space
tb
2020-09-14
1
-2
/
+2
*
remove unneded variable "time"
beck
2020-09-14
1
-3
/
+2
*
fix bug introduced on review where refactor made it possible to
beck
2020-09-14
1
-2
/
+2
*
Correctly fix double free introduced on review.
beck
2020-09-14
1
-2
/
+1
*
Add new x509 certificate chain validator in x509_verify.c
beck
2020-09-13
1
-0
/
+914
