aboutsummaryrefslogtreecommitdiff
path: root/openssl
AgeCommit message (Collapse)Author
2006-09-13Compile time conditionals, per Ben.Rob Austein
svn path=/openssl/trunk/Configure; revision=269
2006-09-12Plug preexisting memory leak (-extfile handling).Rob Austein
svn path=/openssl/trunk/apps/ca.c; revision=262
2006-08-26Notes on request extensionsRob Austein
svn path=/openssl/README; revision=237
2006-08-26updateRob Austein
svn path=/openssl/README; revision=234
2006-08-26Add inheritance and subset tests.Rob Austein
svn path=/openssl/README; revision=233
2006-08-26Allow inheritance in "resource sets" since verification of certificateRob Austein
requests will almost certainly require this. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=232
2006-08-25Update primitive #6Rob Austein
svn path=/openssl/README; revision=231
2006-08-25Debug previously unused paths through new path validation code.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=228
2006-08-25Notes on reading and writing resource sets.Rob Austein
svn path=/openssl/README; revision=227
2006-08-25Bring marker comments up to date.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/x509v3.h; revision=226
2006-08-24Clean up disused function codes, then "make update".Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3err.c; revision=225
2006-08-24Anything covers a null resource setRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=224
2006-08-24v3_*_validate_resource_set()Rob Austein
svn path=/openssl/README; revision=223
2006-08-22Reorganize slightly to make canonical form functions global.Rob Austein
svn path=/openssl/README; revision=174
2006-08-21Update status on work items requested at June meeting in Brisbane.Rob Austein
svn path=/openssl/README; revision=173
2006-08-17Back out previous change to "verify" app, it was a kludge.Rob Austein
Defer RFC 3779 path validation until after the CRL checks. svn path=/openssl/trunk/apps/verify.c; revision=172
2006-08-17Add X509_V_ERR_UNNESTED_RESOURCE to the list of errors that verify'sRob Austein
callback will allow, so verify will report if a certificate with bad RFC 3779 resources is also revoked. svn path=/openssl/trunk/apps/verify.c; revision=171
2006-08-17Add notes from APNIC bakeoff.Rob Austein
svn path=/openssl/README; revision=170
2006-08-17More corner cases.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=169
2006-08-17Catch a few corner cases in IPAddrBlocks_is_canonical().Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=168
2006-08-17Update notes.Rob Austein
svn path=/openssl/README; revision=167
2006-08-17Get rid of dependencies on inet_pton() and inet_ntop().Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=166
2006-08-17Cleanup notes.Rob Austein
svn path=/openssl/README; revision=165
2006-08-17Checking a nonexistant extension for canonical form is not very useful.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=164
2006-08-17Refuse to encode overlapping ranges. Check for canonical form bothRob Austein
during path validation and via an assertion for extensions we generate. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=163
2006-08-16Call asid_is_canonical() both from path validation and via anRob Austein
assertion on extensions we construct. svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=162
2006-08-16Rewrite asid_canonize() to be simpler and to reject overlapping input data.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=161
2006-08-16Tweaks to get null inheritance workingRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=160
2006-08-16Rewrite address extention path validation to work bottom up, usingRob Austein
cached extensions. svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=159
2006-08-16Clean up compiler warningsRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=158
2006-08-16Get rid of inherit_marker kludge. Clean up compiler warnings.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=157
2006-08-16Fiddle with compiler warningsRob Austein
svn path=/openssl/trunk/Configure; revision=156
2006-08-16Handle continuation from callback better.Rob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_asid.c; revision=155
2006-08-16Cache RFC 3779 extensions in X509 structure so we don't have to expandRob Austein
them every time we check a certificate chain. Rewrite ASID path validation to use cached extensions, to allow null inheritance, and to start with the target certificate. Still need to rewrite address path validation. svn path=/openssl/README; revision=154
2006-08-15Fixed dumb policy checking bugRob Austein
svn path=/openssl/README; revision=153
2006-08-15Handle policy check at trust anchorRob Austein
svn path=/openssl/trunk/crypto/x509v3/pcy_tree.c; revision=152
2006-08-15note on policy checking code bugRob Austein
svn path=/openssl/README; revision=151
2006-08-11Add NID_certificate_policies to the list of supported extensions soRob Austein
that our certificates will stop throwing critical exception errors. This should be ok since "openssl verify" at least claims to be checking policies if given the (undocumented) -policy etc switches. (needs further testing). svn path=/openssl/trunk/crypto/x509v3/v3_purp.c; revision=149
2006-08-11So much for openssl verify -inform DERRob Austein
svn path=/openssl/README; revision=148
2006-08-11verify -policy already exists?Rob Austein
svn path=/openssl/README; revision=147
2006-08-11List some known work items for verify CLI tool.Rob Austein
svn path=/openssl/README; revision=146
2006-08-11Trivial change: move path validation checks intoRob Austein
check_chain_extensions(), just to be tidy. svn path=/openssl/trunk/crypto/x509/x509_vfy.c; revision=145
2006-08-11Null inheritance.Rob Austein
svn path=/openssl/README; revision=144
2006-08-11Add notes on extension cacheRob Austein
svn path=/openssl/README; revision=143
2006-08-09Assertion caught memory leakRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=142
2006-08-04CheckpointRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3_addr.c; revision=141
2006-08-04regenRob Austein
svn path=/openssl/trunk/crypto/x509v3/v3err.c; revision=140
2006-08-03*** empty log message ***Rob Austein
svn path=/openssl/README; revision=139
2006-08-02*** empty log message ***Rob Austein
svn path=/openssl/README; revision=138
2006-08-02Notes on checks for well-formed extensions.Rob Austein
svn path=/openssl/README; revision=137
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 11:07:30 +0000