Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 48cc4e0c20
Branches Tags

Commit History

Author SHA1 Message Date
  Tomas Mraz cccf532fef Disallow certs with explicit curve in verification chain 4 years ago
  Dr. David von Oheimb 82bdd64193 check_chain_extensions(): Require X.509 v3 if extensions are present 4 years ago
  Dr. David von Oheimb bb377c8d6c check_chain_extensions(): Add check that CA cert includes key usage extension 4 years ago
  Dr. David von Oheimb da6c691d6d check_chain_extensions(): Add check that on empty Subject the SAN must be marked critical 4 years ago
  Dr. David von Oheimb 89f13ca434 check_chain_extensions(): Add check that AKID and SKID are not marked critical 4 years ago
  Dr. David von Oheimb 8a639b9d72 check_chain_extensions(): Add check that Basic Constraints of CA cert are marked critical 4 years ago
  Dr. David von Oheimb 1e41dadfa7 Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set,vfy}.c 4 years ago
  Dr. David von Oheimb 023697870b Refactor (without semantic changes) crypto/x509/{v3_purp.c,x509_vfy.c} 4 years ago
  Dr. David von Oheimb ade08735f9 Improve documentation, layout, and code comments regarding self-issued certs etc. 4 years ago
  Matt Caswell 33388b44b6 Update copyright year 4 years ago
  Rich Salz 21d08b9ee9 Update man3/verify documentation, error text 5 years ago
  Richard Levitte ffd2df135a X509_check_issued: check that signature algo matches signing key algo 6 years ago
  Richard Levitte 3e4b43b9e5 Following the license change, modify the boilerplates in crypto/x509/ 6 years ago
  KaoruToda 26a7d938c9 Remove parentheses of return. 7 years ago
  Pauli f32b0abe26 Remove unnecessary #include <openssl/lhash.h> directives. 7 years ago
  Todd Short 3bb0f989b5 OCSP Updates: error codes and multiple certificates 9 years ago
  Richard Levitte c8223538cb Check that the subject name in a proxy cert complies to RFC 3820 8 years ago
  Viktor Dukhovni f75b34c8c8 When strict SCT fails record verification failure 8 years ago
  Viktor Dukhovni f3e235ed6f Ensure verify error is set when X509_verify_cert() fails 8 years ago
  Rich Salz b1322259d9 Copyright consolidation 09/10 8 years ago
  Viktor Dukhovni fbb82a60dc Move peer chain security checks into x509_vfy.c 8 years ago
  Viktor Dukhovni d33def6624 Deprecate the -issuer_checks debugging option 8 years ago
  Viktor Dukhovni c0a445a9f2 Suppress DANE TLSA reflection when verification fails 8 years ago
  Rich Salz 349807608f Remove /* foo.c */ comments 9 years ago
  Richard Levitte b39fc56061 Identify and move common internal libcrypto header files 9 years ago
  Matt Caswell 0f113f3ee4 Run util/openssl-format-source -v -c . 9 years ago
  Dr. Stephen Henson 3bf15e2974 Integrate host, email and IP address checks into X509_verify. 12 years ago
  Dr. Stephen Henson 3ad344a517 add suite B chain validation flags and associated verify errors 12 years ago
  Dr. Stephen Henson 2b3936e882 avoid verification loops in trusted store when path building 14 years ago
  Dr. Stephen Henson 4b96839f06 Add support for CRLs partitioned by reason code. 16 years ago

Newer Older