projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 914c2a2) | patch
Make an explicit check during certificate validation to see that the
authorRichard Levitte <levitte@openssl.org>
Mon, 29 Nov 2004 11:28:08 +0000 (11:28 +0000)
committerRichard Levitte <levitte@openssl.org>
Mon, 29 Nov 2004 11:28:08 +0000 (11:28 +0000)
commit30b415b0765b465e71262d051b7b16b604a855be
treeea4d4e61013d94f9bcd05ee521efc71e67eda6b3tree | snapshot
parent914c2a28c05797dc44fb3f498e6e12e5bc0db2b3commit | diff
Make an explicit check during certificate validation to see that the
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)
apps/verify.c diff | blob | history
crypto/x509/x509_txt.c diff | blob | history
crypto/x509/x509_vfy.c diff | blob | history
crypto/x509/x509_vfy.h diff | blob | history
crypto/x509v3/v3_purp.c diff | blob | history
crypto/x509v3/x509v3.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.