| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Plug memleak | tb | 2021-12-29 | 1 | -2/+7 |
| | | | | | CID 345156 | ||||
| * | Relax SAN DNSname validation and constraints to permit non leading * | beck | 2021-04-27 | 1 | -8/+4 |
| | | | | | | | | | | | | wildcards. While we may choose not to support them the standards appear to permit them optionally so we can't declare a certificate containing them invalid. Noticed by jeremy@, and Steffan Ulrich and others. Modify the regression tests to test these cases and not check the SAN DNSnames as "hostnames" anymore (which don't support wildcards). ok jsing@, tb@ | ||||
| * | move a misplaced 'goto done;' so that all invalid uris are tested | tb | 2020-09-21 | 1 | -1/+1 |
| | | |||||
| * | add a few short invalid URIs in test_constraints1() that cause early | tb | 2020-09-21 | 1 | -0/+4 |
| | | | | | failure of x509_constraints_uri_host() in x509_constraints_uri() | ||||
| * | Correct a 1 byte read overflow in x509_contraints_uri and add | beck | 2020-09-20 | 1 | -0/+4 |
| | | | | | | | | | regress to catch it in the future. found by Guido Vranken's cryptofuzzer ok tb@ | ||||
| * | move variable declaration up to top to make this compile and pass | tb | 2020-09-18 | 1 | -1/+1 |
| | | | | | on sparc64 | ||||
| * | Use void function argument to appease gcc 4.2.1 | tb | 2020-09-18 | 1 | -1/+1 |
| | | |||||
| * | remove unused include that breaks regress | beck | 2020-09-12 | 1 | -1/+0 |
| | | |||||
| * | Add x509_constraints.c - a new implementation of x509 name constraints, with | beck | 2020-09-11 | 1 | -0/+485 |
| regression tests. The use of the new name constraints is not yet activated in x509_vfy.c and will be activated in a follow on commit ok jsing@ | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |