summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509 (follow)
Commit message (Expand)AuthorAgeFilesLines
* Enable X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier.deraadt2021-09-301-1/+2
* Avoid a potential overread in x509_constraints_parse_mailbox()deraadt2021-09-261-5/+9
* This is errata/6.8/013_libressl.patch.siglibressl-v3.2.4tb2021-02-033-5/+10
* Fix a NULL dereference in GENERAL_NAME_cmp()libressl-v3.2.3tb2020-12-081-6/+46
* Ensure leaf is set up on X509_STORE_CTX before verification.jsing2020-09-261-9/+7
* jumping into the x509 fray with a bunch of whitespace repairderaadt2020-09-261-6/+6
* Ensure chain is set on the X509_STORE_CTX before triggering callback.jsing2020-09-231-12/+39
* Fix some line wrapping and other whitespace issues.tb2020-09-211-45/+34
* Move freeing and zeroing up to right after the while loop.tb2020-09-211-5/+5
* Avoid memleak caused by shadowingtb2020-09-201-2/+5
* KNF/whitespace nitstb2020-09-202-6/+7
* Correct a 1 byte read overflow in x509_contraints_uri and addbeck2020-09-201-4/+9
* Fix a memory leak in x509_constraints_extract_namestb2020-09-201-6/+6
* remove superfluous NULL checkbeck2020-09-191-2/+2
* Fix potential overflow in CN subject line parsing, thanks tobeck2020-09-181-4/+5
* revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkbeck2020-09-161-7/+1
* noop NAME_CONSTRAINTS_check stubinoguchi2020-09-161-4/+5
* Make check in x509_verify_ctx_set_max_signatures() consistent with others.jsing2020-09-161-4/+2
* Dedup code in x509_verify_ctx_new_from_xsc().jsing2020-09-161-14/+7
* set error_depth and current_cert to make more legacy callbacks that don't checkbeck2020-09-151-1/+3
* Deduplicate the time validation code between the legacy and newbeck2020-09-153-27/+8
* ifdef out code that is no longer used in here. once we are certainbeck2020-09-151-2/+5
* Set error if we are given an NULL ctx in x509_verify, and set errorbeck2020-09-141-5/+3
* nuke a stray spacetb2020-09-141-2/+2
* Fix potential leak when tmpext fails to be added tobeck2020-09-141-2/+6
* remove unneeded variable "type".beck2020-09-141-6/+5
* Don't leak names on successbeck2020-09-141-1/+2
* remove unneded variable "time1"beck2020-09-141-6/+6
* remove unneded variable "time"beck2020-09-141-3/+2
* fix bug introduced on review where refactor made it possible tobeck2020-09-141-2/+2
* re-enable new x509 chain verifier as the defaultbeck2020-09-141-3/+1
* Correctly fix double free introduced on review.beck2020-09-142-3/+3
* Fix double free - review moved the pop_free of roots to x509_verify_ctx_freebeck2020-09-141-2/+1
* revert previous, need to fix a problembeck2020-09-141-1/+3
* Enable the use of the new x509 chain validator by default.beck2020-09-141-3/+1
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-139-57/+1188
* Change over to use the new x509 name constraints verification.beck2020-09-121-28/+7
* Add x509_constraints.c - a new implementation of x509 name constraints, withbeck2020-09-112-0/+1270
* Add issuer cache, to be used by upcoming changes to validation code.beck2020-09-112-0/+214
* Remove remaining error *_str_functs[]jsing2020-06-051-66/+2
* One error file per directory is plenty.jsing2020-06-052-227/+155
* Collapse the x509v3 directory into x509.jsing2020-06-0437-0/+13636
* When building a chain look for non-expired certificates first.jsing2020-05-311-8/+29
* add stdlib.h for reallocarraybcook2019-05-231-1/+2
* Fix a number of ASN1_INTEGER vs ASN1_STRING mixups coming from thetb2019-03-131-2/+2
* Typo in comment.tb2019-03-061-2/+2
* Add const to EVP_PKCS82PKEY().tb2018-08-241-2/+2
* After removing support for broken PKCS#8 formats (it was high time),tb2018-08-241-8/+5
* Remove EVP_PKEY2PKCS8_broken() and PKCS8_set_broken()tb2018-08-241-13/+8
* Provide X509_get0_serialNumber()tb2018-08-242-2/+9
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 11:09:18 +0000