aboutsummaryrefslogtreecommitdiff
path: root/openssl
AgeCommit message (Collapse)Author
2006-08-24v3_*_validate_resource_set()Rob Austein
svn path=/openssl/README; revision=223
2006-08-22Reorganize slightly to make canonical form functions global.Rob Austein
svn path=/openssl/README; revision=174
2006-08-21Update status on work items requested at June meeting in Brisbane.Rob Austein
svn path=/openssl/README; revision=173
2006-08-17Back out previous change to "verify" app, it was a kludge.Rob Austein
Defer RFC 3779 path validation until after the CRL checks. svn path=/openssl/trunk/apps/verify.c; revision=172
2006-08-17Add X509_V_ERR_UNNESTED_RESOURCE to the list of errors that verify'sRob Austein
callback will allow, so verify will report if a certificate with bad RFC 3779 resources is also revoked. svn path=/openssl/trunk/apps/verify.c; revision=171
2006-08-17Add notes from APNIC bakeoff.Rob Austein
svn path=/openssl/README; revision=170
2006-08-17More corner cases.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=169
2006-08-17Catch a few corner cases in IPAddrBlocks_is_canonical().Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=168
2006-08-17Update notes.Rob Austein
svn path=/openssl/README; revision=167
2006-08-17Get rid of dependencies on inet_pton() and inet_ntop().Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=166
2006-08-17Cleanup notes.Rob Austein
svn path=/openssl/README; revision=165
2006-08-17Checking a nonexistant extension for canonical form is not very useful.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=164
2006-08-17Refuse to encode overlapping ranges. Check for canonical form bothRob Austein
during path validation and via an assertion for extensions we generate. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=163
2006-08-16Call asid_is_canonical() both from path validation and via anRob Austein
assertion on extensions we construct. svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=162
2006-08-16Rewrite asid_canonize() to be simpler and to reject overlapping input data.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=161
2006-08-16Tweaks to get null inheritance workingRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=160
2006-08-16Rewrite address extention path validation to work bottom up, usingRob Austein
cached extensions. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=159
2006-08-16Clean up compiler warningsRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=158
2006-08-16Get rid of inherit_marker kludge. Clean up compiler warnings.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=157
2006-08-16Fiddle with compiler warningsRob Austein
svn path=/openssl/trunk/Configure; revision=156
2006-08-16Handle continuation from callback better.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=155
2006-08-16Cache RFC 3779 extensions in X509 structure so we don't have to expandRob Austein
them every time we check a certificate chain. Rewrite ASID path validation to use cached extensions, to allow null inheritance, and to start with the target certificate. Still need to rewrite address path validation. svn path=/openssl/README; revision=154
2006-08-15Fixed dumb policy checking bugRob Austein
svn path=/openssl/README; revision=153
2006-08-15Handle policy check at trust anchorRob Austein
svn path=/openssl/trunk/crypto/x509v3/pcy_tree.c; revision=152
2006-08-15note on policy checking code bugRob Austein
svn path=/openssl/README; revision=151
2006-08-11Add NID_certificate_policies to the list of supported extensions soRob Austein
that our certificates will stop throwing critical exception errors. This should be ok since "openssl verify" at least claims to be checking policies if given the (undocumented) -policy etc switches. (needs further testing). svn path=/openssl/trunk/crypto/x509v3/v3_purp.c; revision=149
2006-08-11So much for openssl verify -inform DERRob Austein
svn path=/openssl/README; revision=148
2006-08-11verify -policy already exists?Rob Austein
svn path=/openssl/README; revision=147
2006-08-11List some known work items for verify CLI tool.Rob Austein
svn path=/openssl/README; revision=146
2006-08-11Trivial change: move path validation checks intoRob Austein
check_chain_extensions(), just to be tidy. svn path=/openssl/trunk/crypto/x509/x509_vfy.c; revision=145
2006-08-11Null inheritance.Rob Austein
svn path=/openssl/README; revision=144
2006-08-11Add notes on extension cacheRob Austein
svn path=/openssl/README; revision=143
2006-08-09Assertion caught memory leakRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=142
2006-08-04CheckpointRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=141
2006-08-04regenRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3err.c; revision=140
2006-08-03*** empty log message ***Rob Austein
svn path=/openssl/README; revision=139
2006-08-02*** empty log message ***Rob Austein
svn path=/openssl/README; revision=138
2006-08-02Notes on checks for well-formed extensions.Rob Austein
svn path=/openssl/README; revision=137
2006-08-02Update notesRob Austein
svn path=/openssl/README; revision=136
2006-08-02Doh, helps to compare with the right value.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=135
2006-08-01Add hooks for RFC 3779 path validation.Rob Austein
svn path=/openssl/trunk/crypto/x509/x509_vfy.c; revision=134
2006-08-01Have to set comparision function to use sk_find().Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=133
2006-08-01Fix double-free bugs.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=132
2006-08-01Add RFC 3779 extensions to supported list.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_purp.c; revision=131
2006-08-01Add X509_V_ERR_UNNESTED_RESOURCERob Austein
svn path=/openssl/trunk/crypto/x509/x509_txt.c; revision=130
2006-08-01CleanupRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=129
2006-08-01Rewrite path validation to use error callbacks properly and plugRob Austein
memory leaks. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=128
2006-08-01Rewrite path validation to use error callbacks properly and to plugRob Austein
memory leaks. svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=127
2006-08-01Update notesRob Austein
svn path=/openssl/README; revision=126
2006-08-01RFC 3779 path validationRob Austein
svn path=/openssl/trunk/util/libeay.num; revision=125
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-19 21:57:24 +0000