Matt Caswell
72a7a7021f
Update copyright year
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8347 )
2019-02-26 14:05:09 +00:00
Bernd Edlinger
df3b7b99a8
Fixed d2i_X509 in-place not re-hashing the ex_flags
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8116 )
(cherry picked from commit 5364902250
)
2019-01-31 19:20:03 +01:00
Matt Caswell
6ec5fce25e
Update copyright year
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6145 )
2018-05-01 13:34:30 +01:00
FdaSilvaYY
7fcdbd839c
X509: add more error codes on malloc or sk_TYP_push failure
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5837 )
2018-04-24 09:08:33 +02:00
KaoruToda
26a7d938c9
Remove parentheses of return.
...
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541 )
2017-10-18 16:05:06 +01:00
Matt Caswell
888098304b
More updates following review feedback
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740 )
2017-08-21 08:44:44 +01:00
Matt Caswell
24664a3bf5
Remove OPENSSL_assert() from crypto/x509
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740 )
2017-08-21 08:44:44 +01:00
Dr. Stephen Henson
8adc1cb851
Constify X509_get0_signature()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 14:12:55 +01:00
Richard Levitte
f46c2597ab
Properly initialise the internal proxy certificate path length cache
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-23 11:35:30 +02:00
Rich Salz
b1322259d9
Copyright consolidation 09/10
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:53:16 -04:00
Viktor Dukhovni
fde2257f05
Fix i2d_X509_AUX, update docs and add tests
...
When *pp is NULL, don't write garbage, return an unexpected pointer
or leak memory on error.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-05-11 01:46:06 -04:00
Dr. Stephen Henson
05aef4bbdb
Fix i2d_X509_AUX: pp can be NULL.
...
Reported by David Benjamin
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-02 22:46:39 +01:00
FdaSilvaYY
25a807bcb9
Add checks on CRYPTO_new_ex_data return value
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/996 )
2016-04-28 14:37:41 -04:00
Matt Caswell
446ba8de9a
Ensure we check i2d_X509 return val
...
The i2d_X509() function can return a negative value on error. Therefore
we should make sure we check it.
Issue reported by Yuan Jochen Kang.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-26 14:29:54 +01:00
Alessandro Ghedini
c001ce3313
Convert CRYPTO_LOCK_X509_* to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Dr. Stephen Henson
359aa38fbe
remove old unused oneline name field
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 22:25:40 +00:00
Rich Salz
349807608f
Remove /* foo.c */ comments
...
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Viktor Dukhovni
0e76014e58
Drop cached certificate signature validity flag
...
It seems risky in the context of cross-signed certificates when the
same certificate might have multiple potential issuers. Also rarely
used, since chains in OpenSSL typically only employ self-signed
trust-anchors, whose self-signatures are not checked, while untrusted
certificates are generally ephemeral.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-18 13:20:48 -05:00
Rich Salz
e6390acac9
ex_data part 2: doc fixes and CRYPTO_free_ex_index.
...
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-01 11:48:37 -05:00
Rich Salz
cc99bfa76b
Fix a few missed "if (!ptr)" cleanups
...
And a scalar !x --> x==0 test
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-11-23 13:51:23 -05:00
Dr. Stephen Henson
81e4943843
embed certificate serial number and signature fields
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-15 15:36:58 +01:00
Kurt Roeckx
605236f6a8
Fix more d2i cases to properly update the input pointer
...
Thanks to David Benjamin <davidben@google.com> for pointing them out.
Reviewed-by: Steve Henson <steve@openssl.org>
MR #1198
2015-10-03 13:22:52 +02:00
Dr. Stephen Henson
94e84f5e95
header includes
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 21:15:55 +01:00
Dr. Stephen Henson
2aa707c6ac
Fix path in comments
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 16:47:09 +01:00
Dr. Stephen Henson
1e898fb0f5
Move certificate request and CRL routines to x509 dir.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 16:35:55 +01:00