git.openssl.org Git - openssl.git/history

[openssl.git] / crypto / x509 / x509_vfy.c

2023-03-28	Matt Caswell	Ensure that EXFLAG_INVALID_POLICY is checked even in...	blob \| commitdiff \| raw
2022-08-23	Ryan Kelley	Moving notify check after the no time check	blob \| commitdiff \| raw \| diff to current
2022-03-15	Matt Caswell	Update copyright year	blob \| commitdiff \| raw \| diff to current
2022-02-02	Matt Caswell	Ensure X509_STORE_CTX_purpose_inherit handles a 0 defau...	blob \| commitdiff \| raw \| diff to current
2021-09-03	Viktor Dukhovni	Prioritise DANE TLSA issuer certs over peer certs	blob \| commitdiff \| raw \| diff to current
2021-03-25	Tomas Mraz	check_chain_extensions: Do not override error return...	blob \| commitdiff \| raw \| diff to current
2021-02-16	Matt Caswell	Update copyright year	blob \| commitdiff \| raw \| diff to current
2021-01-14	Dr. David von Oheimb	x509_vfy.c: Fix a regression in find_isser()	blob \| commitdiff \| raw \| diff to current
2020-12-03	Dr. David von Oheimb	x509_vfy.c: Restore rejection of expired trusted (root...	blob \| commitdiff \| raw \| diff to current
2020-10-26	André Klitzing	Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE	blob \| commitdiff \| raw \| diff to current
2020-09-21	Tomas Mraz	Disallow certs with explicit curve in verification...	blob \| commitdiff \| raw \| diff to current
2020-07-16	Dr. David von Oheimb	x509_vfy.c: Improve key usage checks in internal_verify...	blob \| commitdiff \| raw \| diff to current
2020-07-16	Dr. David von Oheimb	Fix issue 1418 by moving check of KU_KEY_CERT_SIGN...	blob \| commitdiff \| raw \| diff to current
2020-05-25	Pauli	Coverity 1463830: Resource leaks (RESOURCE_LEAK)	blob \| commitdiff \| raw \| diff to current
2020-05-19	Bernd Edlinger	Fix some places where X509_up_ref is used	blob \| commitdiff \| raw \| diff to current
2020-04-06	Tomas Mraz	Set X509_V_ERR_INVALID_EXTENSION error for invalid...	blob \| commitdiff \| raw \| diff to current
2020-03-22	Bernd Edlinger	Fix error handling in x509v3_cache_extensions and relat...	blob \| commitdiff \| raw \| diff to current
2019-09-27	Dr. Matthias St...	Reorganize local header files	blob \| commitdiff \| raw \| diff to current
2019-09-27	Dr. Matthias St...	Reorganize private crypto header files	blob \| commitdiff \| raw \| diff to current
2019-09-10	Matt Caswell	Update copyright year	blob \| commitdiff \| raw \| diff to current
2019-08-14	opensslonzos-github	Add missing EBCDIC strings	blob \| commitdiff \| raw \| diff to current
2018-12-20	Ken Goldman	Admit unknown pkey types at security level 0	blob \| commitdiff \| raw \| diff to current
2018-10-18	Viktor Dukhovni	Apply self-imposed path length also to root CAs	blob \| commitdiff \| raw \| diff to current
2018-10-18	Viktor Dukhovni	Only CA certificates can be self-issued	blob \| commitdiff \| raw \| diff to current
2018-05-23	Viktor Dukhovni	Skip CN DNS name constraint checks when not needed	blob \| commitdiff \| raw \| diff to current
2018-05-01	Matt Caswell	Update copyright year	blob \| commitdiff \| raw \| diff to current
2018-04-24	FdaSilvaYY	X509: add more error codes on malloc or sk_TYP_push...	blob \| commitdiff \| raw \| diff to current
2017-09-28	Pauli	Remove unnecessary #include <openssl/lhash.h> directives.	blob \| commitdiff \| raw \| diff to current
2017-09-22	David Benjamin	Guard against DoS in name constraints handling.	blob \| commitdiff \| raw \| diff to current
2017-08-22	Rich Salz	Use "" not <> for internal/ includes	blob \| commitdiff \| raw \| diff to current
2017-08-21	Pauli	This has been added to avoid the situation where some...	blob \| commitdiff \| raw \| diff to current
2017-08-21	Matt Caswell	Remove OPENSSL_assert() from crypto/x509	blob \| commitdiff \| raw \| diff to current
2017-04-25	Dr. Stephen Henson	Use X509_get_signature_info() when checking security...	blob \| commitdiff \| raw \| diff to current
2017-02-24	Emilia Kasper	X509 time: tighten validation per RFC 5280	blob \| commitdiff \| raw \| diff to current
2016-12-03	Viktor Dukhovni	Restore last-resort expired untrusted intermediate...	blob \| commitdiff \| raw \| diff to current
2016-08-24	Viktor Dukhovni	Un-delete still documented X509_STORE_CTX_set_verify	blob \| commitdiff \| raw \| diff to current
2016-08-22	Matt Caswell	Add some sanity checks when checking CRL scores	blob \| commitdiff \| raw \| diff to current
2016-08-19	Dr. Stephen Henson	Constify certificate and CRL time routines.	blob \| commitdiff \| raw \| diff to current
2016-08-05	klemens	spelling fixes, just comments and readme.	blob \| commitdiff \| raw \| diff to current
2016-08-03	Richard Levitte	Don't check any revocation info on proxy certificates	blob \| commitdiff \| raw \| diff to current
2016-07-29	Dr. Stephen Henson	Fix CRL time comparison.	blob \| commitdiff \| raw \| diff to current
2016-07-26	Dr. Stephen Henson	Remove current_method from X509_STORE_CTX	blob \| commitdiff \| raw \| diff to current
2016-07-25	Richard Levitte	Add setter and getter for X509_STORE's check_policy	blob \| commitdiff \| raw \| diff to current
2016-07-25	Richard Levitte	Add getters / setters for the X509_STORE_CTX and X509_S...	blob \| commitdiff \| raw \| diff to current
2016-07-22	Dr. Stephen Henson	Use newest CRL.	blob \| commitdiff \| raw \| diff to current
2016-07-12	Viktor Dukhovni	Perform DANE-EE(3) name checks by default	blob \| commitdiff \| raw \| diff to current
2016-07-11	Dr. Stephen Henson	Add nameConstraints commonName checking.	blob \| commitdiff \| raw \| diff to current
2016-06-29	Richard Levitte	Remove the envvar hack to enable proxy cert processing	blob \| commitdiff \| raw \| diff to current
2016-06-29	FdaSilvaYY	Whitespace cleanup in crypto	blob \| commitdiff \| raw \| diff to current
2016-06-20	Richard Levitte	Fix proxy certificate pathlength verification	blob \| commitdiff \| raw \| diff to current
2016-06-20	Richard Levitte	Check that the subject name in a proxy cert complies...	blob \| commitdiff \| raw \| diff to current
2016-05-18	Viktor Dukhovni	Ensure verify error is set when X509_verify_cert()...	blob \| commitdiff \| raw \| diff to current
2016-05-17	Rich Salz	X509_STORE_CTX accessors.	blob \| commitdiff \| raw \| diff to current
2016-05-17	Rich Salz	Copyright consolidation 09/10	blob \| commitdiff \| raw \| diff to current
2016-05-09	FdaSilvaYY	fix tab-space mixed indentation	blob \| commitdiff \| raw \| diff to current
2016-05-03	Viktor Dukhovni	Drop duplicate ctx->verify_cb assignment	blob \| commitdiff \| raw \| diff to current
2016-04-28	Viktor Dukhovni	Implement X509_STORE_CTX_set_current_cert() accessor	blob \| commitdiff \| raw \| diff to current
2016-04-27	Viktor Dukhovni	Future proof build_chain() in x509_vfy.c	blob \| commitdiff \| raw \| diff to current
2016-04-25	Viktor Dukhovni	Added missing X509_STORE_CTX_set_error_depth() accessor	blob \| commitdiff \| raw \| diff to current
2016-04-18	Rich Salz	Rename some lowercase API's	blob \| commitdiff \| raw \| diff to current
2016-04-16	Dr. Stephen Henson	Add X509_STORE_CTX_set0_untrusted function.	blob \| commitdiff \| raw \| diff to current
2016-04-15	Rich Salz	Make many X509_xxx types opaque.	blob \| commitdiff \| raw \| diff to current
2016-04-08	Rich Salz	Add SSL_DANE typedef for consistency.	blob \| commitdiff \| raw \| diff to current
2016-04-03	Viktor Dukhovni	Move peer chain security checks into x509_vfy.c	blob \| commitdiff \| raw \| diff to current
2016-04-03	Viktor Dukhovni	Tidy up x509_vfy callback handling	blob \| commitdiff \| raw \| diff to current
2016-03-30	Viktor Dukhovni	Require intermediate CAs to have basicConstraints CA...	blob \| commitdiff \| raw \| diff to current
2016-03-21	Viktor Dukhovni	Add a comment on dane_verify() logic	blob \| commitdiff \| raw \| diff to current
2016-03-08	Alessandro Ghedini	Convert CRYPTO_LOCK_X509_* to new multi-threading API	blob \| commitdiff \| raw \| diff to current
2016-02-10	Viktor Dukhovni	Deprecate the -issuer_checks debugging option	blob \| commitdiff \| raw \| diff to current
2016-02-08	Viktor Dukhovni	Suppress DANE TLSA reflection when verification fails	blob \| commitdiff \| raw \| diff to current
2016-02-05	FdaSilvaYY	GH601: Various spelling fixes.	blob \| commitdiff \| raw \| diff to current
2016-02-05	Viktor Dukhovni	Ensure correct chain depth for policy checks with DANE...	blob \| commitdiff \| raw \| diff to current
2016-02-05	Viktor Dukhovni	Long overdue cleanup of X509 policy tree verification	blob \| commitdiff \| raw \| diff to current
2016-02-01	Viktor Dukhovni	Compat self-signed trust with reject-only aux data	blob \| commitdiff \| raw \| diff to current
2016-02-01	Viktor Dukhovni	Check chain extensions also for trusted certificates	blob \| commitdiff \| raw \| diff to current
2016-01-26	Rich Salz	Remove /* foo.c */ comments	blob \| commitdiff \| raw \| diff to current
2016-01-20	Viktor Dukhovni	Check Suite-B constraints with EE DANE records	blob \| commitdiff \| raw \| diff to current
2016-01-18	Viktor Dukhovni	Drop cached certificate signature validity flag	blob \| commitdiff \| raw \| diff to current
2016-01-15	Dr. Stephen Henson	Add lookup_certs for a trusted stack.	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Cosmetic polish for last-resort depth 0 check	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Fix last-resort depth 0 check when the chain has multip...	blob \| commitdiff \| raw \| diff to current
2016-01-14	Viktor Dukhovni	Always initialize X509_STORE_CTX get_crl pointer	blob \| commitdiff \| raw \| diff to current
2016-01-07	Viktor Dukhovni	DANE support for X509_verify_cert()	blob \| commitdiff \| raw \| diff to current
2016-01-06	Viktor Dukhovni	DANE support structures, constructructors and accessors	blob \| commitdiff \| raw \| diff to current
2016-01-03	Viktor Dukhovni	Fix X509_STORE_CTX_cleanup()	blob \| commitdiff \| raw \| diff to current
2016-01-03	Viktor Dukhovni	X509_verify_cert() cleanup	blob \| commitdiff \| raw \| diff to current
2015-12-14	Dr. Stephen Henson	New function X509_get0_pubkey	blob \| commitdiff \| raw \| diff to current
2015-12-01	Rich Salz	ex_data part 2: doc fixes and CRYPTO_free_ex_index.	blob \| commitdiff \| raw \| diff to current
2015-11-26	Dr. Stephen Henson	Remove X509_VERIFY_PARAM_ID	blob \| commitdiff \| raw \| diff to current
2015-11-09	Matt Caswell	Continue standardising malloc style for libcrypto	blob \| commitdiff \| raw \| diff to current
2015-10-15	Dr. Stephen Henson	embed CRL serial number and signature fields	blob \| commitdiff \| raw \| diff to current
2015-09-05	mrpre	In X509_STORE_CTX_init, cleanup on failure	blob \| commitdiff \| raw \| diff to current
2015-09-05	David Woodhouse	RT3951: Add X509_V_FLAG_NO_CHECK_TIME to suppress time...	blob \| commitdiff \| raw \| diff to current
2015-09-03	David Woodhouse	Revert "OPENSSL_NO_xxx cleanup: RFC3779"	blob \| commitdiff \| raw \| diff to current
2015-09-03	Rich Salz	Add and use OPENSSL_zalloc	blob \| commitdiff \| raw \| diff to current
2015-09-02	Dr. Stephen Henson	make X509_CRL opaque	blob \| commitdiff \| raw \| diff to current
2015-09-02	Viktor Dukhovni	Better handling of verify param id peername field	blob \| commitdiff \| raw \| diff to current
2015-08-31	Dr. Stephen Henson	Add X509_up_ref function.	blob \| commitdiff \| raw \| diff to current
2015-08-31	Dr. Stephen Henson	Add X509_CRL_up_ref function	blob \| commitdiff \| raw \| diff to current
2015-08-28	Alessandro Ghedini	GH354: Memory leak fixes	blob \| commitdiff \| raw \| diff to current
next

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom