]> git.ipfire.org Git - thirdparty/openssl.git/history - crypto/x509/x509_vfy.c
Fix error handling in x509v3_cache_extensions and related functions
[thirdparty/openssl.git] / crypto / x509 / x509_vfy.c
2020-03-22  Bernd EdlingerFix error handling in x509v3_cache_extensions and relat...
2019-09-27  Dr. Matthias St... Reorganize local header files
2019-09-27  Dr. Matthias St... Reorganize private crypto header files
2019-09-10  Matt CaswellUpdate copyright year
2019-08-14  opensslonzos-githubAdd missing EBCDIC strings
2018-12-20  Ken GoldmanAdmit unknown pkey types at security level 0
2018-10-18  Viktor DukhovniApply self-imposed path length also to root CAs
2018-10-18  Viktor DukhovniOnly CA certificates can be self-issued
2018-05-23  Viktor DukhovniSkip CN DNS name constraint checks when not needed
2018-05-01  Matt CaswellUpdate copyright year
2018-04-24  FdaSilvaYYX509: add more error codes on malloc or sk_TYP_push...
2017-09-28  PauliRemove unnecessary #include <openssl/lhash.h> directives.
2017-09-22  David BenjaminGuard against DoS in name constraints handling.
2017-08-22  Rich SalzUse "" not <> for internal/ includes
2017-08-21  PauliThis has been added to avoid the situation where some...
2017-08-21  Matt CaswellRemove OPENSSL_assert() from crypto/x509
2017-04-25  Dr. Stephen HensonUse X509_get_signature_info() when checking security...
2017-02-24  Emilia KasperX509 time: tighten validation per RFC 5280
2016-12-03  Viktor DukhovniRestore last-resort expired untrusted intermediate...
2016-08-24  Viktor DukhovniUn-delete still documented X509_STORE_CTX_set_verify
2016-08-22  Matt CaswellAdd some sanity checks when checking CRL scores
2016-08-19  Dr. Stephen HensonConstify certificate and CRL time routines.
2016-08-05  klemensspelling fixes, just comments and readme.
2016-08-03  Richard LevitteDon't check any revocation info on proxy certificates
2016-07-29  Dr. Stephen HensonFix CRL time comparison.
2016-07-26  Dr. Stephen HensonRemove current_method from X509_STORE_CTX
2016-07-25  Richard LevitteAdd setter and getter for X509_STORE's check_policy
2016-07-25  Richard LevitteAdd getters / setters for the X509_STORE_CTX and X509_S...
2016-07-22  Dr. Stephen HensonUse newest CRL.
2016-07-12  Viktor DukhovniPerform DANE-EE(3) name checks by default
2016-07-11  Dr. Stephen HensonAdd nameConstraints commonName checking.
2016-06-29  Richard LevitteRemove the envvar hack to enable proxy cert processing
2016-06-29  FdaSilvaYYWhitespace cleanup in crypto
2016-06-20  Richard LevitteFix proxy certificate pathlength verification
2016-06-20  Richard LevitteCheck that the subject name in a proxy cert complies...
2016-05-18  Viktor DukhovniEnsure verify error is set when X509_verify_cert()...
2016-05-17  Rich SalzX509_STORE_CTX accessors.
2016-05-17  Rich SalzCopyright consolidation 09/10
2016-05-09  FdaSilvaYYfix tab-space mixed indentation
2016-05-03  Viktor DukhovniDrop duplicate ctx->verify_cb assignment
2016-04-28  Viktor DukhovniImplement X509_STORE_CTX_set_current_cert() accessor
2016-04-27  Viktor DukhovniFuture proof build_chain() in x509_vfy.c
2016-04-25  Viktor DukhovniAdded missing X509_STORE_CTX_set_error_depth() accessor
2016-04-18  Rich SalzRename some lowercase API's
2016-04-16  Dr. Stephen HensonAdd X509_STORE_CTX_set0_untrusted function.
2016-04-15  Rich SalzMake many X509_xxx types opaque.
2016-04-08  Rich SalzAdd SSL_DANE typedef for consistency.
2016-04-03  Viktor DukhovniMove peer chain security checks into x509_vfy.c
2016-04-03  Viktor DukhovniTidy up x509_vfy callback handling
2016-03-30  Viktor DukhovniRequire intermediate CAs to have basicConstraints CA...
2016-03-21  Viktor DukhovniAdd a comment on dane_verify() logic
2016-03-08  Alessandro GhediniConvert CRYPTO_LOCK_X509_* to new multi-threading API
2016-02-10  Viktor DukhovniDeprecate the -issuer_checks debugging option
2016-02-08  Viktor DukhovniSuppress DANE TLSA reflection when verification fails
2016-02-05  FdaSilvaYYGH601: Various spelling fixes.
2016-02-05  Viktor DukhovniEnsure correct chain depth for policy checks with DANE...
2016-02-05  Viktor DukhovniLong overdue cleanup of X509 policy tree verification
2016-02-01  Viktor DukhovniCompat self-signed trust with reject-only aux data
2016-02-01  Viktor DukhovniCheck chain extensions also for trusted certificates
2016-01-26  Rich SalzRemove /* foo.c */ comments
2016-01-20  Viktor DukhovniCheck Suite-B constraints with EE DANE records
2016-01-18  Viktor DukhovniDrop cached certificate signature validity flag
2016-01-15  Dr. Stephen HensonAdd lookup_certs for a trusted stack.
2016-01-14  Viktor DukhovniCosmetic polish for last-resort depth 0 check
2016-01-14  Viktor DukhovniFix last-resort depth 0 check when the chain has multip...
2016-01-14  Viktor DukhovniAlways initialize X509_STORE_CTX get_crl pointer
2016-01-07  Viktor DukhovniDANE support for X509_verify_cert()
2016-01-06  Viktor DukhovniDANE support structures, constructructors and accessors
2016-01-03  Viktor DukhovniFix X509_STORE_CTX_cleanup()
2016-01-03  Viktor DukhovniX509_verify_cert() cleanup
2015-12-14  Dr. Stephen HensonNew function X509_get0_pubkey
2015-12-01  Rich Salzex_data part 2: doc fixes and CRYPTO_free_ex_index.
2015-11-26  Dr. Stephen HensonRemove X509_VERIFY_PARAM_ID
2015-11-09  Matt CaswellContinue standardising malloc style for libcrypto
2015-10-15  Dr. Stephen Hensonembed CRL serial number and signature fields
2015-09-05  mrpreIn X509_STORE_CTX_init, cleanup on failure
2015-09-05  David WoodhouseRT3951: Add X509_V_FLAG_NO_CHECK_TIME to suppress time...
2015-09-03  David WoodhouseRevert "OPENSSL_NO_xxx cleanup: RFC3779"
2015-09-03  Rich SalzAdd and use OPENSSL_zalloc
2015-09-02  Dr. Stephen Hensonmake X509_CRL opaque
2015-09-02  Viktor DukhovniBetter handling of verify param id peername field
2015-08-31  Dr. Stephen HensonAdd X509_up_ref function.
2015-08-31  Dr. Stephen HensonAdd X509_CRL_up_ref function
2015-08-28  Alessandro GhediniGH354: Memory leak fixes
2015-08-13  Ismo PuustinenGH364: Free memory on an error path
2015-08-10  Rich SalzRT3999: Remove sub-component version strings
2015-07-07  Matt CaswellExtend -show_chain option to verify to show more info
2015-07-07  Matt CaswellReject calls to X509_verify_cert that have not been...
2015-07-07  Matt CaswellFix alternate chains certificate forgery issue
2015-06-11  Emilia KasperFix length checks in X509_cmp_time to avoid out-of...
2015-05-14  Richard LevitteIdentify and move common internal libcrypto header...
2015-05-06  Gunnar KudrjavetsInitialize potentially uninitialized local variables
2015-05-06  Rich Salzmemset, memcpy, sizeof consistency fixes
2015-05-04  Rich SalzUse safer sizeof variant in malloc
2015-05-01  Rich Salzfree NULL cleanup -- coda
2015-05-01  Rich SalzRemove goto inside an if(0) block
2015-04-30  Rich Salzfree NULL cleanup 5a
2015-04-28  Rich Salzremove malloc casts
2015-03-28  Rich Salzfree NULL cleanup
2015-03-24  Dr. Stephen HensonFix verify algorithm.
next