| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add a pass using the modern vfy with by_dir roots, code by me, script to | beck | 2021-08-28 | 1 | -14/+30 |
| | | | | | | | generate certdirs by jsing, and make chicken sacrifies by tb. ok tb@ jsing@ | ||||
| * | Add regress test testing having the root cert in the intermediate bundle | beck | 2021-08-27 | 1 | -1/+5 |
| | | |||||
| * | Don't leak verify and store contexts. | tb | 2020-11-18 | 1 | -1/+3 |
| | | |||||
| * | catch unset error when validation fails. | beck | 2020-10-26 | 1 | -1/+4 |
| | | |||||
| * | make this test compile and pass on sparc64 by moving variable declarations | tb | 2020-09-18 | 1 | -4/+9 |
| | | | | | to the beginning of the respective scopes (and out of for loops) | ||||
| * | Add new x509 certificate chain validator in x509_verify.c | beck | 2020-09-13 | 1 | -9/+90 |
| | | | | | | | | | | | | | | | | | | | | The new validator finds multiple validated chains to handle the modern PKI cases which may frequently have multiple paths via different intermediates to different roots. It is loosely based on golang's x509 validator This includes integration so that the new validator can be used via X509_verify_cert() as well as a new api x509_verify() which will return multiple chains (similar to go). The new validator is not enabled by default with this commit, this will be changed in a follow on commit. The new public API is not yet exposed, and will be finalized and exposed with a man page and a library minor bump later. ok tb@ inoguchi@ jsing@ | ||||
| * | Add regress for X509_verify() using the new bundles. | jsing | 2020-07-14 | 1 | -0/+363 |
| A number of these tests are known to fail due to bugs/incorrect verification implementation. | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |