summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_vfy.c (follow)
Commit message (Expand)AuthorAgeFilesLines
...
* Fix a bug in check_crl_time() that could result in incompleteschwarze2021-11-131-8/+8
* In X509_STORE_CTX, rename the X509_STORE store rather than ctx.tb2021-11-071-6/+6
* In X509_STORE_CTX rename the misnamed last_untrusted to num_untrustedtb2021-11-071-13/+13
* Cache sha512 hash and parsed not_before and not_after with X509 cert.beck2021-11-041-21/+35
* Move the now internal X.509-related structs into x509_lcl.h.tb2021-11-011-3/+1
* Add RFC 3779 checks to both legacy and new verifierjob2021-10-261-1/+11
* Prepare to provide a number of X509_STORE_CTX_* setters.tb2021-10-241-1/+38
* Prepare to provide X509_STORE_CTX_get_num_untrusted()tb2021-10-241-1/+7
* Call the callback on success in new verifier in a compatible waybeck2021-09-031-5/+17
* Get rid of historical code to extract the roots in the legacy case.beck2021-08-281-49/+2
* Pull roots out of the trust store in the legacy xsc when building chainsbeck2021-08-191-1/+10
* Fix two bugs in the legacy verifiertb2021-02-251-6/+10
* KNFtb2021-02-111-4/+7
* Plug a big memory leak in the new validatortb2020-11-181-1/+6
* Move freeing of the verify context to its natural place instead oftb2020-11-181-2/+2
* KNF (whitespace)tb2020-11-181-2/+2
* jumping into the x509 fray with a bunch of whitespace repairderaadt2020-09-261-6/+6
* KNF/whitespace nitstb2020-09-201-4/+5
* Deduplicate the time validation code between the legacy and newbeck2020-09-151-24/+2
* remove unneded variable "time1"beck2020-09-141-6/+6
* Correctly fix double free introduced on review.beck2020-09-141-1/+2
* Fix double free - review moved the pop_free of roots to x509_verify_ctx_freebeck2020-09-141-2/+1
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-131-48/+180
* Change over to use the new x509 name constraints verification.beck2020-09-121-28/+7
* When building a chain look for non-expired certificates first.jsing2020-05-311-8/+29
* Typo in comment.tb2019-03-061-2/+2
* Don't leak sktmp in X509_verify_cert().tb2018-08-191-5/+5
* Fail early if an X509_VERIFY_PARAM is poisoned - don't allowbeck2018-04-081-8/+10
* poison for X509_VERIFY_PARAM'sbeck2018-04-061-3/+10
* Provide X509_STORE_CTX_get0_chain() and X509_STORE_CTX_get0_store().jsing2018-02-221-3/+17
* Provide X509_STORE_CTX_get0_{cert,untrusted}() andjsing2018-02-141-1/+25
* Make the symbol for ASN1_time_tm_clamp_notafter visible so libtlsbeck2017-08-271-1/+3
* Add ability to clamp a notafter to values representable in a 32 bit time_tbeck2017-08-131-5/+21
* Revert previous change that forced consistency between return value andbeck2017-04-281-10/+2
* revert previous accidental commitbeck2017-04-281-2/+10
* *** empty log message ***beck2017-04-281-10/+2
* Kill leak introduced with refactorbeck2017-02-051-3/+6
* Send the function codes from the error functions to the bit bucket,beck2017-01-291-29/+19
* fix bogus commentbeck2017-01-211-2/+2
* Make return value of X509_verify_cert be consistent with the error code,beck2017-01-211-2/+10
* Rework internal_verify, mostly from OpenSSL. so we can progressbeck2017-01-201-102/+102
* Add and remove some blank lines, in order to make X509_verify_cert()jsing2017-01-071-6/+4
* Revert part of r1.54 as there are at least two situations where we are stilljsing2017-01-071-4/+2
* Add a small bit of belt and suspenders around ERR_V_OK with X509_STORE_ctxbeck2017-01-031-2/+20
* bring in boring's internal check_trust function to fix a bug introducedbeck2017-01-031-24/+79
* Rework X509_verify_cert to support alt chains on certificate verification,beck2016-11-061-117/+265
* make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hiddenbeck2016-11-041-3/+3
* In X509_cmp_time(), pass asn1_time_parse() the tag of the field beingguenther2016-10-021-2/+3
* X509_free(3) is NULL-safe, so remove NULL checks before its calls.mmcc2016-03-111-3/+2
* initialize ok to 0beck2015-12-141-2/+2
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 20:03:48 +0000