git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 5 Sep 2000 17:53:58 +0000 (17:53 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 5 Sep 2000 17:53:58 +0000 (17:53 +0000)
commit	2f043896d14f5b1ced08bcc8bec3e38e7a18d96f
tree	30c91e35a2b02dadc58fc56355894b4345142e51	tree \| snapshot
parent	29eb7d9ce0488690cca532d0ecb4075b5ca59209	commit \| diff

*BIG* verify code reorganisation.

The old code was painfully primitive and couldn't handle
distinct certificates using the same subject name.

The new code performs several tests on a candidate issuer
certificate based on certificate extensions.

It also adds several callbacks to X509_VERIFY_CTX so its
behaviour can be customised.

Unfortunately some hackery was needed to persuade X509_STORE
to tolerate this. This should go away when X509_STORE is
replaced, sometime...

This must have broken something though :-(

13 files changed:

CHANGES		diff \| blob \| history
Configure		diff \| blob \| history
apps/verify.c		diff \| blob \| history
crypto/asn1/x_x509.c		diff \| blob \| history
crypto/stack/safestack.h		diff \| blob \| history
crypto/x509/by_dir.c		diff \| blob \| history
crypto/x509/x509.h		diff \| blob \| history
crypto/x509/x509_lu.c		diff \| blob \| history
crypto/x509/x509_txt.c		diff \| blob \| history
crypto/x509/x509_vfy.c		diff \| blob \| history
crypto/x509/x509_vfy.h		diff \| blob \| history
crypto/x509v3/v3_purp.c		diff \| blob \| history
crypto/x509v3/x509v3.h		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom