Revision tags: OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5 |
|
#
fdb2c6e4 |
| 09-Dec-2009 |
Dr. Stephen Henson |
PR: 2124 Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM> Check for memory allocation failures.
|
Revision tags: OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l |
|
#
a5b37fca |
| 18-Oct-2009 |
Dr. Stephen Henson |
Add "missing" function X509_STORE_set_verify_cb().
|
Revision tags: OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j, OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1, OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d |
|
#
019bfef8 |
| 26-Sep-2006 |
Dr. Stephen Henson |
Initialize new callbacks and make sure hent is always initialized.
|
#
5d20c4fb |
| 17-Sep-2006 |
Dr. Stephen Henson |
Overhaul of by_dir code to handle dynamic loading of CRLs.
|
#
016bc5ce |
| 11-Sep-2006 |
Dr. Stephen Henson |
Fixes for new CRL/cert callbacks. Update CRL processing code to use new callbacks.
|
#
4d50a2b4 |
| 10-Sep-2006 |
Dr. Stephen Henson |
Add verify callback functions to lookup a STACK of matching certs or CRLs based on subject name. New thread safe functions to retrieve matching STACK from X509_STORE. Cache some
Add verify callback functions to lookup a STACK of matching certs or CRLs based on subject name. New thread safe functions to retrieve matching STACK from X509_STORE. Cache some IDP components.
show more ...
|
Revision tags: OpenSSL_0_9_8c, OpenSSL_0_9_7k |
|
#
f6e7d014 |
| 25-Jul-2006 |
Dr. Stephen Henson |
Support for multiple CRLs with same issuer name in X509_STORE. Modify verify logic to try to use an unexpired CRL if possible.
|
Revision tags: OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1 |
|
#
8afca8d9 |
| 11-May-2005 |
Bodo Möller |
Fix more error codes. (Also improve util/ck_errf.pl script, and occasionally fix source code formatting.)
|
Revision tags: OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e |
|
#
5d7c222d |
| 06-Sep-2004 |
Dr. Stephen Henson |
New X509_VERIFY_PARAM structure and associated functionality. This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related co
New X509_VERIFY_PARAM structure and associated functionality. This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.
show more ...
|
Revision tags: OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const, BEN_FIPS_TEST_5, BEN_FIPS_TEST_4, OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j, OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h, OpenSSL_0_9_7-beta4, OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f, OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1, OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c |
|
#
79aa04ef |
| 01-Sep-2001 |
Geoff Thorpe |
Make the necessary changes to work with the recent "ex_data" overhaul. See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actuall
Make the necessary changes to work with the recent "ex_data" overhaul. See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented (initialisation by "memset" won't/can't/doesn't work). This fixes that but requires that X509_STORE_CTX_init() be able to handle errors - so its prototype has been changed to return 'int' rather than 'void'. All uses of that function throughout the source code have been tracked down and adjusted.
show more ...
|
Revision tags: OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b |
|
#
926a56bf |
| 10-May-2001 |
Dr. Stephen Henson |
Purpose and trust setting functions for X509_STORE. Tidy existing code.
|
#
bdee69f7 |
| 09-May-2001 |
Dr. Stephen Henson |
Allow various X509_STORE_CTX properties to be inherited from X509_STORE. Add CRL checking options to other applications.
|
Revision tags: OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1, rsaref, BEFORE_engine, OpenSSL_0_9_6-beta2, OpenSSL_0_9_6-beta1, OpenSSL_0_9_6, OpenSSL-engine-0_9_6, OpenSSL-engine-0_9_6-beta3, OpenSSL_0_9_6-beta3, OpenSSL-engine-0_9_6-beta2, OpenSSL-engine-0_9_6-beta1 |
|
#
15387be2 |
| 06-Sep-2000 |
Bodo Möller |
Another superfluous pair of parentheses.
|
#
f684090c |
| 06-Sep-2000 |
Bodo Möller |
Another round of indentation changes: Position braces consistently, add some whitespace for 'if ()', 'for ()', 'while ()' to distinguish keywords from function names, and finally remove paren
Another round of indentation changes: Position braces consistently, add some whitespace for 'if ()', 'for ()', 'while ()' to distinguish keywords from function names, and finally remove parens around return values (why be stingy with whitespace but fill the source code with an abundance of parentheses that are not needed to structure expressions for readability?).
show more ...
|
#
2f043896 |
| 05-Sep-2000 |
Dr. Stephen Henson |
*BIG* verify code reorganisation. The old code was painfully primitive and couldn't handle distinct certificates using the same subject name. The new code performs several tests
*BIG* verify code reorganisation. The old code was painfully primitive and couldn't handle distinct certificates using the same subject name. The new code performs several tests on a candidate issuer certificate based on certificate extensions. It also adds several callbacks to X509_VERIFY_CTX so its behaviour can be customised. Unfortunately some hackery was needed to persuade X509_STORE to tolerate this. This should go away when X509_STORE is replaced, sometime... This must have broken something though :-(
show more ...
|
#
bbb8de09 |
| 04-Sep-2000 |
Bodo Möller |
Avoid abort() throughout the library, except when preprocessor symbols for debugging are defined.
|
#
26a3a48d |
| 01-Jun-2000 |
Richard Levitte |
There have been a number of complaints from a number of sources that names like Malloc, Realloc and especially Free conflict with already existing names on some operating systems or other pac
There have been a number of complaints from a number of sources that names like Malloc, Realloc and especially Free conflict with already existing names on some operating systems or other packages. That is reason enough to change the names of the OpenSSL memory allocation macros to something that has a better chance of being unique, like prepending them with OPENSSL_. This change includes all the name changes needed throughout all C files.
show more ...
|
Revision tags: OpenSSL_0_9_5, OpenSSL_0_9_5a, OpenSSL_0_9_5a-beta2, OpenSSL_0_9_5a-beta1, OpenSSL_0_9_5beta2, OpenSSL_0_9_5beta1 |
|
#
9d1a01be |
| 30-Jan-2000 |
Ulf Möller |
Source code cleanups: Use void * rather than char * in lhash, eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
|
#
dd9d233e |
| 23-Jan-2000 |
Dr. Stephen Henson |
Tidy up CRYPTO_EX_DATA structures.
|
#
13938ace |
| 29-Nov-1999 |
Dr. Stephen Henson |
Add part of chain verify SSL support code: not complete or doing anything yet. Add a function X509_STORE_CTX_purpose_inherit() which implements the logic of "inheriting" purpose and
Add part of chain verify SSL support code: not complete or doing anything yet. Add a function X509_STORE_CTX_purpose_inherit() which implements the logic of "inheriting" purpose and trust from a parent structure and using a default: this will be used in the SSL code and possibly future S/MIME. Partial documentation of the 'verify' utility. Still need to document how all the extension checking works and the various error messages.
show more ...
|
#
d4cec6a1 |
| 26-Nov-1999 |
Dr. Stephen Henson |
New options to the -verify program which can be used for chain verification. Extend the X509_PURPOSE structure to include shortnames for purposed and default trust ids. Still need so
New options to the -verify program which can be used for chain verification. Extend the X509_PURPOSE structure to include shortnames for purposed and default trust ids. Still need some extendable trust checking code and integration with the SSL and S/MIME code.
show more ...
|
#
11262391 |
| 24-Nov-1999 |
Dr. Stephen Henson |
Initial chain verify code: not tested probably not working at present. However nothing enables it yet so this doesn't matter :-)
|
Revision tags: OpenSSL_0_9_4 |
|
#
5c0a4865 |
| 02-Jun-1999 |
Ben Laurie |
stack
|
#
7e258a56 |
| 30-May-1999 |
Ben Laurie |
Yet another stack.
|
Revision tags: OpenSSL_0_9_3a, OpenSSL_0_9_3, OpenSSL_0_9_3beta2, OpenSSL_0_9_3beta1 |
|
#
303c0028 |
| 09-May-1999 |
Bodo Möller |
Use "const char *" instead of "char *" for filenames passed to functions. Submitted by: Reviewed by: PR:
|