openssl

History

Viktor Dukhovni f75b34c8c8 When strict SCT fails record verification failure Since with SSL_VERIFY_NONE, the connection may continue and the session may even be cached, we should save some evidence that the chain was not sufficiently verified and would have been rejected with SSL_VERIFY_PEER. To that end when a CT callback returs failure we set the verify result to X509_V_ERR_NO_VALID_SCTS. Note: We only run the CT callback in the first place if the verify result is still X509_V_OK prior to start of the callback. RT #4502 Reviewed-by: Tim Hudson <tjh@openssl.org>		2016-05-19 00:25:42 -04:00
..
record	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
statem	Ensure verify error is set when X509_verify_cert() fails	2016-05-18 15:16:37 -04:00
bio_ssl.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
build.info	Update build.info files for auto-init/de-init	2016-02-09 15:11:38 +00:00
d1_lib.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
d1_msg.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
d1_srtp.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
methods.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
packet_locl.h	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
pqueue.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
s3_cbc.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
s3_enc.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
s3_lib.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
s3_msg.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_asn1.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_cert.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_ciph.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_conf.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_err.c	Fix an error code spelling.	2016-04-28 14:22:26 -04:00
ssl_init.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_lib.c	When strict SCT fails record verification failure	2016-05-19 00:25:42 -04:00
ssl_locl.h	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_mcnf.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_rsa.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_sess.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_stat.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_txt.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
ssl_utst.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
t1_enc.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
t1_ext.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
t1_lib.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
t1_reneg.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
t1_trce.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00
tls_srp.c	Copyright consolidation 01/10	2016-05-17 14:19:19 -04:00