summaryrefslogtreecommitdiffstats
path: root/lib/libcrypto/x509
AgeCommit message (Expand)AuthorFilesLines
2021-03-31Provide missing prototype for d2i_DSAPrivateKey_fp(3)tb1-1/+2
2021-03-19Fix copy-paste error in previoustb1-2/+2
2021-03-13Use EXFLAG_INVALID to handle out of memory and parse errors intobhe2-11/+45
2021-03-12Zap a useless variable.tb1-4/+2
2021-03-12Missing void in function definitiontb1-2/+2
2021-03-12Fix checks of memory caps of constraints namestb3-20/+32
2021-02-26Set is_trusted in x509_verify_ctx_add_chain()tb1-2/+2
2021-02-25Fix two bugs in the legacy verifiertb1-6/+10
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.jsing1-6/+6
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.jsing1-3/+2
2021-02-24Fix comment explaining last_untrusted. This should really be calledtb1-2/+2
2021-02-24Make the new validator check for EXFLAG_CRITICALtb1-8/+15
2021-02-11KNFtb1-4/+7
2021-01-09Set chain on xsc on chain build failure.jsing1-1/+3
2021-01-09Bail out early after finding an single chain if we are have been called frombeck1-1/+9
2021-01-08search the intermediates only after searching the root certs, clarifybeck1-11/+15
2021-01-05Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in new verifier.jsing1-1/+4
2021-01-05Gracefully handle root certificates being both trusted and untrusted.jsing2-4/+16
2020-12-16Remove two reduntat memset calls.tb1-3/+1
2020-12-16Fix some KNF issuestb1-7/+8
2020-12-08Fix a NULL dereference in GENERAL_NAME_cmp()tb1-6/+46
2020-11-25Avoid undefined behavior due to memcpy(NULL, NULL, 0)tb1-4/+6
2020-11-18Plug leak in x509_verify_chain_dup()tb1-2/+2
2020-11-18Plug a big memory leak in the new validatortb1-1/+6
2020-11-18zap ugly empty line before closing bracetb1-2/+1
2020-11-18Move freeing of the verify context to its natural place instead oftb1-2/+2
2020-11-18KNF (whitespace)tb4-13/+13
2020-11-16Use X509_V_OK instead of 0.jsing1-4/+3
2020-11-16Add back an X509_STORE_CTX error code assignment.jsing1-2/+3
2020-11-15Return the specific failure for a "self signed certificate" in the chainbeck1-1/+14
2020-11-11Handle additional certificate error cases in new X.509 verifier.jsing2-12/+79
2020-11-03Fix bad indent.jsing1-7/+6
2020-11-03Hook X509_STORE_CTX get_issuer() callback from new X509 verifier.jsing1-3/+17
2020-10-26Add a safety net to ensure that we set an error on the store context.tb1-1/+3
2020-10-26If x509_verify() fails, ensure that the error is also set on the storetb1-10/+15
2020-10-26Make sure that x509_vfy_check_id() failure also sets ctx->error, not onlytb1-3/+8
2020-09-26Ensure leaf is set up on X509_STORE_CTX before verification.jsing1-9/+7
2020-09-26jumping into the x509 fray with a bunch of whitespace repairderaadt1-6/+6
2020-09-23Ensure chain is set on the X509_STORE_CTX before triggering callback.jsing1-12/+39
2020-09-21Fix some line wrapping and other whitespace issues.tb1-45/+34
2020-09-21Move freeing and zeroing up to right after the while loop.tb1-5/+5
2020-09-20Avoid memleak caused by shadowingtb1-2/+5
2020-09-20KNF/whitespace nitstb2-6/+7
2020-09-20Correct a 1 byte read overflow in x509_contraints_uri and addbeck1-4/+9
2020-09-20Fix a memory leak in x509_constraints_extract_namestb1-6/+6
2020-09-19remove superfluous NULL checkbeck1-2/+2
2020-09-18Fix potential overflow in CN subject line parsing, thanks tobeck1-4/+5
2020-09-16revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkbeck1-7/+1
2020-09-16noop NAME_CONSTRAINTS_check stubinoguchi1-4/+5
2020-09-16Make check in x509_verify_ctx_set_max_signatures() consistent with others.jsing1-4/+2
Copyright © 1996 – 2026 Jason A. Donenfeld. All Rights Reverse Engineered.