git.openssl.org Git - openssl.git/history

[openssl.git] / crypto / x509 / x509_vfy.c

2020-09-13	Matt Caswell	Fix safestack issues in x509.h	blob \| commitdiff \| raw
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Require X.509 v3 if extension...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Change exclusion condition...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	x509_vfy.c: Make sure that strict checks are not done...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Add check that CA cert includ...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Add check that on empty Subje...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Add check that AKID and SKID...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	check_chain_extensions(): Add check that Basic Constrai...	blob \| commitdiff \| raw \| diff to current
2020-09-11	Dr. David von Oheimb	Extend X509 cert checks and error reporting in v3_...	blob \| commitdiff \| raw \| diff to current
2020-08-12	Dr. David von Oheimb	Introduce X509_add_cert[s] simplifying various addition...	blob \| commitdiff \| raw \| diff to current
2020-07-24	Shane Lontis	Add X509 related libctx changes.	blob \| commitdiff \| raw \| diff to current
2020-07-16	Dr. David von Oheimb	x509_vfy.c: Improve key usage checks in internal_verify...	blob \| commitdiff \| raw \| diff to current
2020-07-01	Dr. David von Oheimb	Add X509_self_signed(), extending and improving documen...	blob \| commitdiff \| raw \| diff to current
2020-07-01	Dr. David von Oheimb	Fix issue 1418 by moving check of KU_KEY_CERT_SIGN...	blob \| commitdiff \| raw \| diff to current
2020-07-01	Dr. David von Oheimb	Optimization and safety precaution in find_issuer(...	blob \| commitdiff \| raw \| diff to current
2020-07-01	Dr. David von Oheimb	Refactor (without semantic changes) crypto/x509/{v3_pur...	blob \| commitdiff \| raw \| diff to current
2020-07-01	Dr. David von Oheimb	Improve documentation, layout, and code comments regard...	blob \| commitdiff \| raw \| diff to current
2020-05-25	Pauli	Coverity 1463830: Resource leaks (RESOURCE_LEAK)	blob \| commitdiff \| raw \| diff to current
2020-05-18	Bernd Edlinger	Fix some places where X509_up_ref is used	blob \| commitdiff \| raw \| diff to current
2020-04-30	Pauli	coverity 1462560 Resource leak	blob \| commitdiff \| raw \| diff to current
2020-04-24	Rich Salz	In OpenSSL builds, declare STACK for datatypes ...	blob \| commitdiff \| raw \| diff to current
2020-04-16	Matt Caswell	Introduce an internal version of X509_check_issued()	blob \| commitdiff \| raw \| diff to current
2020-04-16	Matt Caswell	Create a libctx aware X509_verify_ex()	blob \| commitdiff \| raw \| diff to current
2020-04-08	Matt Caswell	Use the libctx and propq from the X509_STORE_CTX	blob \| commitdiff \| raw \| diff to current
2020-04-08	Matt Caswell	Add X509_STORE_CTX_new_with_libctx()	blob \| commitdiff \| raw \| diff to current
2020-04-06	Tomas Mraz	Set X509_V_ERR_INVALID_EXTENSION error for invalid...	blob \| commitdiff \| raw \| diff to current
2020-03-23	Dr. David von Oheimb	Constify various mostly X509-related parameter types...	blob \| commitdiff \| raw \| diff to current
2020-03-21	Bernd Edlinger	Fix error handling in x509v3_cache_extensions and relat...	blob \| commitdiff \| raw \| diff to current
2019-12-04	Dr. David von Oheimb	add X509_cmp_timeframe() including its documentation	blob \| commitdiff \| raw \| diff to current
2019-10-09	Rich Salz	Explicitly test against NULL; do not use !p or similar	blob \| commitdiff \| raw \| diff to current
2019-09-28	Dr. Matthias St...	Reorganize local header files	blob \| commitdiff \| raw \| diff to current
2019-09-28	Dr. Matthias St...	Reorganize private crypto header files	blob \| commitdiff \| raw \| diff to current
2019-08-14	opensslonzos-github	Add missing EBCDIC strings	blob \| commitdiff \| raw \| diff to current
2019-07-31	Shane Lontis	Rename X509_STORE ptr stored in opaque struct X509_STOR...	blob \| commitdiff \| raw \| diff to current
2018-12-20	Ken Goldman	Admit unknown pkey types at security level 0	blob \| commitdiff \| raw \| diff to current
2018-12-06	Richard Levitte	Following the license change, modify the boilerplates...	blob \| commitdiff \| raw \| diff to current
2018-10-18	Viktor Dukhovni	Apply self-imposed path length also to root CAs	blob \| commitdiff \| raw \| diff to current
2018-10-18	Viktor Dukhovni	Only CA certificates can be self-issued	blob \| commitdiff \| raw \| diff to current
2018-05-23	Viktor Dukhovni	Skip CN DNS name constraint checks when not needed	blob \| commitdiff \| raw \| diff to current
2018-05-01	Matt Caswell	Update copyright year	blob \| commitdiff \| raw \| diff to current
2018-04-24	FdaSilvaYY	X509: add more error codes on malloc or sk_TYP_push...	blob \| commitdiff \| raw \| diff to current
2017-09-28	Pauli	Remove unnecessary #include <openssl/lhash.h> directives.	blob \| commitdiff \| raw \| diff to current
2017-09-22	David Benjamin	Guard against DoS in name constraints handling.	blob \| commitdiff \| raw \| diff to current
2017-08-22	Rich Salz	Use "" not <> for internal/ includes	blob \| commitdiff \| raw \| diff to current
2017-08-21	Pauli	This has been added to avoid the situation where some...	blob \| commitdiff \| raw \| diff to current
2017-08-21	Matt Caswell	Remove OPENSSL_assert() from crypto/x509	blob \| commitdiff \| raw \| diff to current
2017-04-25	Dr. Stephen Henson	Use X509_get_signature_info() when checking security...	blob \| commitdiff \| raw \| diff to current
2017-02-24	Emilia Kasper	X509 time: tighten validation per RFC 5280	blob \| commitdiff \| raw \| diff to current
2016-12-03	Viktor Dukhovni	Restore last-resort expired untrusted intermediate...	blob \| commitdiff \| raw \| diff to current
2016-08-24	Viktor Dukhovni	Un-delete still documented X509_STORE_CTX_set_verify	blob \| commitdiff \| raw \| diff to current
2016-08-22	Matt Caswell	Add some sanity checks when checking CRL scores	blob \| commitdiff \| raw \| diff to current
2016-08-19	Dr. Stephen Henson	Constify certificate and CRL time routines.	blob \| commitdiff \| raw \| diff to current
2016-08-05	klemens	spelling fixes, just comments and readme.	blob \| commitdiff \| raw \| diff to current
2016-08-03	Richard Levitte	Don't check any revocation info on proxy certificates	blob \| commitdiff \| raw \| diff to current
2016-07-29	Dr. Stephen Henson	Fix CRL time comparison.	blob \| commitdiff \| raw \| diff to current
2016-07-26	Dr. Stephen Henson	Remove current_method from X509_STORE_CTX	blob \| commitdiff \| raw \| diff to current
2016-07-25	Richard Levitte	Add setter and getter for X509_STORE's check_policy	blob \| commitdiff \| raw \| diff to current
2016-07-25	Richard Levitte	Add getters / setters for the X509_STORE_CTX and X509_S...	blob \| commitdiff \| raw \| diff to current
2016-07-22	Dr. Stephen Henson	Use newest CRL.	blob \| commitdiff \| raw \| diff to current
2016-07-12	Viktor Dukhovni	Perform DANE-EE(3) name checks by default	blob \| commitdiff \| raw \| diff to current
2016-07-11	Dr. Stephen Henson	Add nameConstraints commonName checking.	blob \| commitdiff \| raw \| diff to current
2016-06-29	Richard Levitte	Remove the envvar hack to enable proxy cert processing	blob \| commitdiff \| raw \| diff to current
2016-06-29	FdaSilvaYY	Whitespace cleanup in crypto	blob \| commitdiff \| raw \| diff to current
2016-06-20	Richard Levitte	Fix proxy certificate pathlength verification	blob \| commitdiff \| raw \| diff to current
2016-06-20	Richard Levitte	Check that the subject name in a proxy cert complies...	blob \| commitdiff \| raw \| diff to current
2016-05-18	Viktor Dukhovni	Ensure verify error is set when X509_verify_cert()...	blob \| commitdiff \| raw \| diff to current
2016-05-17	Rich Salz	X509_STORE_CTX accessors.	blob \| commitdiff \| raw \| diff to current
2016-05-17	Rich Salz	Copyright consolidation 09/10	blob \| commitdiff \| raw \| diff to current
2016-05-09	FdaSilvaYY	fix tab-space mixed indentation	blob \| commitdiff \| raw \| diff to current
2016-05-03	Viktor Dukhovni	Drop duplicate ctx->verify_cb assignment	blob \| commitdiff \| raw \| diff to current
2016-04-28	Viktor Dukhovni	Implement X509_STORE_CTX_set_current_cert() accessor	blob \| commitdiff \| raw \| diff to current
2016-04-27	Viktor Dukhovni	Future proof build_chain() in x509_vfy.c	blob \| commitdiff \| raw \| diff to current
2016-04-25	Viktor Dukhovni	Added missing X509_STORE_CTX_set_error_depth() accessor	blob \| commitdiff \| raw \| diff to current
2016-04-18	Rich Salz	Rename some lowercase API's	blob \| commitdiff \| raw \| diff to current
2016-04-16	Dr. Stephen Henson	Add X509_STORE_CTX_set0_untrusted function.	blob \| commitdiff \| raw \| diff to current
2016-04-15	Rich Salz	Make many X509_xxx types opaque.	blob \| commitdiff \| raw \| diff to current
2016-04-08	Rich Salz	Add SSL_DANE typedef for consistency.	blob \| commitdiff \| raw \| diff to current
2016-04-03	Viktor Dukhovni	Move peer chain security checks into x509_vfy.c	blob \| commitdiff \| raw \| diff to current
2016-04-03	Viktor Dukhovni	Tidy up x509_vfy callback handling	blob \| commitdiff \| raw \| diff to current
2016-03-30	Viktor Dukhovni	Require intermediate CAs to have basicConstraints CA...	blob \| commitdiff \| raw \| diff to current
2016-03-21	Viktor Dukhovni	Add a comment on dane_verify() logic	blob \| commitdiff \| raw \| diff to current
2016-03-08	Alessandro Ghedini	Convert CRYPTO_LOCK_X509_* to new multi-threading API	blob \| commitdiff \| raw \| diff to current
2016-02-10	Viktor Dukhovni	Deprecate the -issuer_checks debugging option	blob \| commitdiff \| raw \| diff to current
2016-02-08	Viktor Dukhovni	Suppress DANE TLSA reflection when verification fails	blob \| commitdiff \| raw \| diff to current
2016-02-05	FdaSilvaYY	GH601: Various spelling fixes.	blob \| commitdiff \| raw \| diff to current
2016-02-05	Viktor Dukhovni	Ensure correct chain depth for policy checks with DANE...	blob \| commitdiff \| raw \| diff to current
2016-02-05	Viktor Dukhovni	Long overdue cleanup of X509 policy tree verification	blob \| commitdiff \| raw \| diff to current
2016-02-01	Viktor Dukhovni	Compat self-signed trust with reject-only aux data	blob \| commitdiff \| raw \| diff to current
2016-02-01	Viktor Dukhovni	Check chain extensions also for trusted certificates	blob \| commitdiff \| raw \| diff to current
2016-01-26	Rich Salz	Remove /* foo.c */ comments	blob \| commitdiff \| raw \| diff to current
2016-01-20	Viktor Dukhovni	Check Suite-B constraints with EE DANE records	blob \| commitdiff \| raw \| diff to current
2016-01-18	Viktor Dukhovni	Drop cached certificate signature validity flag	blob \| commitdiff \| raw \| diff to current
2016-01-15	Dr. Stephen Henson	Add lookup_certs for a trusted stack.	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Cosmetic polish for last-resort depth 0 check	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Fix last-resort depth 0 check when the chain has multip...	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Always initialize X509_STORE_CTX get_crl pointer	blob \| commitdiff \| raw \| diff to current
2016-01-07	Viktor Dukhovni	DANE support for X509_verify_cert()	blob \| commitdiff \| raw \| diff to current
2016-01-06	Viktor Dukhovni	DANE support structures, constructructors and accessors	blob \| commitdiff \| raw \| diff to current
2016-01-03	Viktor Dukhovni	Fix X509_STORE_CTX_cleanup()	blob \| commitdiff \| raw \| diff to current
2016-01-03	Viktor Dukhovni	X509_verify_cert() cleanup	blob \| commitdiff \| raw \| diff to current
next

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom