openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	58b75e9c26	PR: 2482 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.	2011-10-09 00:56:52 +00:00
Dr. Stephen Henson	df6de39fe7	Change AR to ARX to allow exclusion of fips object modules	2011-01-26 16:08:08 +00:00
Dr. Stephen Henson	09d84e03e8	oops missed an assert	2011-01-03 12:54:08 +00:00
Dr. Stephen Henson	85881c1d92	PR: 2411 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Fix corner cases in RFC3779 code.	2011-01-03 01:40:53 +00:00
Dr. Stephen Henson	e82f75577b	PR: 2410 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Use OPENSSL_assert() instead of assert().	2011-01-03 01:22:41 +00:00
Dr. Stephen Henson	776654adff	PR: 2295 Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.	2010-10-11 23:49:22 +00:00
Ben Laurie	c8bbd98a2b	Fix warnings.	2010-06-12 14:13:23 +00:00
Dr. Stephen Henson	ca96d38981	PR: 2251 Submitted by: Ger Hobbelt <ger@hobbelt.com> Approved by: steve@openssl.org Memleak, BIO chain leak and realloc checks in v3_pci.c	2010-05-22 00:30:41 +00:00
Dr. Stephen Henson	b5cfc2f590	option to replace extensions with new ones: mainly for creating cross-certificates	2010-03-03 20:13:30 +00:00
Dr. Stephen Henson	ebaa2cf5b2	PR: 2183 PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms. Include original HAVE_FORK detection logic while allowing it to be overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0	2010-03-03 19:56:34 +00:00
Dr. Stephen Henson	b1efb7161f	Include self-signed flag in certificates by checking SKID/AKID as well as issuer and subject names. Although this is an incompatible change it should have little impact in pratice because self-issued certificates that are not self-signed are rarely encountered.	2010-02-25 00:01:38 +00:00
Dr. Stephen Henson	df4c395c6d	add anyExtendedKeyUsage OID	2010-02-24 15:53:58 +00:00
Dr. Stephen Henson	64f0f80eb6	PR: 2057 Submitted by: Julia Lawall <julia@diku.dk> Approved by: steve@openssl.org Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT error handling in OCSP print routines.	2009-09-30 23:55:53 +00:00
Dr. Stephen Henson	b6dcdbfc94	Audit libcrypto for unchecked return values: fix all cases enountered	2009-09-23 23:43:49 +00:00
Dr. Stephen Henson	38663fcc82	Missing break.	2009-08-31 22:19:26 +00:00
Dr. Stephen Henson	c869da8839	Update from 1.0.0-stable	2009-07-27 21:10:00 +00:00
Dr. Stephen Henson	8132d3ac40	Update from 1.0.0-stable.	2009-05-30 18:11:26 +00:00
Andy Polyakov	051742fb6c	v3_alt.c: otherName parsing fix. Submitted by: Love Hörnquist Åstrand	2009-04-27 19:35:16 +00:00
Dr. Stephen Henson	8711efb498	Updates from 1.0.0-stable branch.	2009-04-20 11:33:12 +00:00
Dr. Stephen Henson	e5fa864f62	Updates from 1.0.0-stable.	2009-04-15 15:27:03 +00:00
Dr. Stephen Henson	22c98d4aad	Update from 1.0.0-stable	2009-04-08 16:16:35 +00:00
Dr. Stephen Henson	06ddf8eb08	Updates from 1.0.0-stable	2009-04-04 19:54:06 +00:00
Dr. Stephen Henson	14023fe352	Merge from 1.0.0-stable branch.	2009-04-03 11:45:19 +00:00
Dr. Stephen Henson	ef8e772805	Use OPENSSL_assert() instead of assert.	2009-03-15 14:04:42 +00:00
Dr. Stephen Henson	e39acc1c90	PR: 1864 Submitted by: Ger Hobbelt <ger@hobbelt.com> Reviewed by: steve@openssl.org Check return value.	2009-03-14 12:39:05 +00:00
Dr. Stephen Henson	a0b76569b2	Update from stable branch.	2009-03-14 12:26:48 +00:00
Ben Laurie	c2a548a884	Print IPv6 all 0s correctly (Rob Austein).	2009-03-08 10:54:45 +00:00
Dr. Stephen Henson	477fd4596f	PR: 1835 Submitted by: Damien Miller <djm@mindrot.org> Approved by: steve@openssl.org Fix various typos.	2009-02-14 21:49:38 +00:00
Richard Levitte	2e6a7b3efc	Constify where needed	2008-12-16 13:41:49 +00:00
Dr. Stephen Henson	9d44cd1642	Oops should check zero_pos >= 0.	2008-12-08 19:13:06 +00:00
Dr. Stephen Henson	1d4e879106	Handle case where v6stat.zero_pos == 0 correctly. Reported by: Kurt Roeckx <kurt@roeckx.be>, Tobias Ginzler <ginzler@fgan.de> (Debian bug #506111)	2008-12-07 23:58:44 +00:00
Dr. Stephen Henson	e9afa08cd1	Update from stable branch.	2008-11-30 16:09:04 +00:00
Dr. Stephen Henson	2e5975285e	Update obsolete email address...	2008-11-05 18:39:08 +00:00
Dr. Stephen Henson	e19106f5fb	Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros with the appropriate parameters which calls OBJ_bsearch(). A compiler will typically inline this. This avoids the need for cmp_xxx variables and fixes unchecked const issues with CHECKED_PTR_OF()	2008-10-22 15:43:01 +00:00
Ben Laurie	28b6d5020e	Set comparison function in v3_add_canonize().	2008-10-14 19:27:07 +00:00
Ben Laurie	babb379849	Type-checked (and modern C compliant) OBJ_bsearch.	2008-10-12 14:32:47 +00:00
Geoff Thorpe	fa0f834c20	Fix build warnings.	2008-09-15 04:02:37 +00:00
Dr. Stephen Henson	d43c4497ce	Initial support for delta CRLs. If "use deltas" flag is set attempt to find a delta CRL in addition to a full CRL. Check and search delta in addition to the base.	2008-09-01 15:15:16 +00:00
Dr. Stephen Henson	4b96839f06	Add support for CRLs partitioned by reason code. Tidy CRL scoring system. Add new CRL path validation error.	2008-08-29 11:37:21 +00:00
Dr. Stephen Henson	249a77f5fb	Add support for freshest CRL extension.	2008-08-27 15:52:05 +00:00
Dr. Stephen Henson	8c9bd89338	Support for certificateIssuer CRL entry extension.	2008-08-18 16:48:47 +00:00
Dr. Stephen Henson	002e66c0e8	Support for policy mappings extension. Delete X509_POLICY_REF code. Fix handling of invalid policy extensions to return the correct error. Add command line option to inhibit policy mappings.	2008-08-12 10:32:56 +00:00
Dr. Stephen Henson	e9746e03ee	Initial support for name constraints certificate extension. TODO: robustness checking on name forms.	2008-08-08 15:35:29 +00:00
Dr. Stephen Henson	3e727a3b37	Add support for nameRelativeToCRLIssuer field in distribution point name fields.	2008-08-04 15:34:27 +00:00
Dr. Stephen Henson	a9ff742e42	Make explicit_policy handling match expected RFC3280 behaviour.	2008-08-02 11:16:35 +00:00
Dr. Stephen Henson	592a207b94	Policy validation fixes. Inhibit any policy count should ignore self issued certificates. Require explicit policy is the number certificate before an explict policy is required.	2008-07-30 15:41:42 +00:00
Dr. Stephen Henson	34d05a4023	Zero is a valid value for any_skip and map_skip	2008-07-13 22:38:18 +00:00
Dr. Stephen Henson	dcc0c29876	We support inhibit any policy extension, add to table.	2008-07-13 15:55:37 +00:00
Dr. Stephen Henson	db50661fce	X509 verification fixes. Ignore self issued certificates when checking path length constraints. Duplicate OIDs in policy tree in case they are allocated. Use anyPolicy from certificate cache and not current tree level.	2008-07-13 14:25:36 +00:00
Dr. Stephen Henson	d4cdbab99b	Avoid warnings with -pedantic, specifically: Conversion between void * and function pointer. Value computed not used. Signed/unsigned argument.	2008-07-04 23:12:52 +00:00

1 2 3 4 5 ...

348 commits