root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
12,154 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

18 Commits

Author SHA1 Message Date
Viktor Dukhovni 8abffa4a73 Multiple verifier reference identities. 
Implemented as STACK_OF(OPENSSL_STRING).
 2014-06-22 20:32:35 -04:00
Viktor Dukhovni b3012c698a Drop hostlen from X509_VERIFY_PARAM_ID. 
Just store NUL-terminated strings.  This works better when we add
support for multiple hostnames.
 2014-06-22 19:52:44 -04:00
Dr. Stephen Henson 6c21b860ba Rename vpm_int.h to x509_lcl.h 2014-05-25 04:50:14 +01:00
Viktor Dukhovni 397a8e747d Fixes to host checking. 
Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.
 2014-05-21 11:31:28 +01:00
Dr. Stephen Henson 4a253652ee Add opaque ID structure. 
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3)

Conflicts:

	crypto/x509/x509_vpm.c
 2013-12-13 15:42:16 +00:00
Dr. Stephen Henson 3bf15e2974 Integrate host, email and IP address checks into X509_verify. 
Add new verify options to set checks.

Remove previous -check* commands from s_client and s_server.
 2012-12-05 18:35:20 +00:00
Dr. Stephen Henson 9b3d75706e verify parameter enumeration functions 2010-02-25 00:08:23 +00:00
Dr. Stephen Henson 508c535221 Update from 1.0.0-stable 2009-06-30 11:24:57 +00:00
Dr. Stephen Henson 237d7b6cae Fix from stable branch. 2009-03-15 13:37:34 +00:00
Dr. Stephen Henson 30e5e39a3d PR: 1778 
Increase default verify depth to 100.
 2009-02-16 23:23:21 +00:00
Dr. Stephen Henson 2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson e19106f5fb Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros 
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
 2008-10-22 15:43:01 +00:00
Dr. Stephen Henson 606f6c477a Fix a shed load or warnings: 
Duplicate const.
Use of ; outside function.
 2008-10-20 15:12:00 +00:00
Ben Laurie babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Dr. Stephen Henson a6fbcb4220 Change safestack reimplementation to match 0.9.8. 
Fix additional gcc 4.2 value not used warnings.
 2007-09-07 13:25:15 +00:00
Dr. Stephen Henson e881f6175a Update from stable branch. 2006-05-03 13:19:06 +00:00
Dr. Stephen Henson f022c177db Two new verify flags functions. 2005-09-02 22:49:54 +00:00
Dr. Stephen Henson 5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality. 
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
 2004-09-06 18:43:01 +00:00