summaryrefslogtreecommitdiff
path: root/src/regress/lib/libcrypto/x509/expirecallback.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove unwanted trailing newlines from err/warn format strings.anton2024-08-231-2/+2
|
* Switch regress to using x509_verify.h from libcrypto instead of thetb2023-01-281-2/+3
| | | | one in /usr/include/openssl.
* Revise expire callback regress to use chains with expired certificates.jsing2022-10-171-25/+66
| | | | | | | | | | Rather than using X509_STORE_CTX_set_time() (which is resulting all certificates in the chain being treated as expired), use chains that have an expired leaf or expired intermediate. This triggers a different code path, which is currently mishandled (and hence failing). Also ensure that the resulting error and error depth match what we expect them to be.
* Move leaf certificate checks to the last thing after chain validation.beck2022-06-251-0/+279
While seemingly illogical and not what is done in Go's validator, this mimics OpenSSL's behavior so that callback overrides for the expiry of a certificate will not "sticky" override a failure to build a chain. ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 11:19:36 +0000