wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/x509
History
Viktor Dukhovni f75b34c8c8 When strict SCT fails record verification failure 
Since with SSL_VERIFY_NONE, the connection may continue and the
session may even be cached, we should save some evidence that the
chain was not sufficiently verified and would have been rejected
with SSL_VERIFY_PEER.  To that end when a CT callback returs failure
we set the verify result to X509_V_ERR_NO_VALID_SCTS.

Note: We only run the CT callback in the first place if the verify
result is still X509_V_OK prior to start of the callback.

RT #4502

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-19 00:25:42 -04:00
..
build.info move x_pubkey.c to crypto/x509 2016-03-22 15:28:11 +00:00
by_dir.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
by_file.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
t_crl.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
t_req.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
t_x509.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_att.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_cmp.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_d2.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_def.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_err.c X509_STORE_CTX accessors. 2016-05-17 16:06:09 -04:00
x509_ext.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_lcl.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_lu.c X509_STORE_CTX accessors. 2016-05-17 16:06:09 -04:00
x509_obj.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_r2x.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_req.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_set.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_trs.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_txt.c When strict SCT fails record verification failure 2016-05-19 00:25:42 -04:00
x509_v3.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509_vfy.c Ensure verify error is set when X509_verify_cert() fails 2016-05-18 15:16:37 -04:00
x509_vpm.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509cset.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509name.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509rset.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509spki.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x509type.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_all.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_attrib.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_crl.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_exten.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_name.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_pubkey.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_req.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_x509.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_x509a.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00