- 26 12月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 2月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 01 11月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
information. Add more informative message to verify callback to indicate when CRL path validation is taking place.
-
- 18 10月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 26 6月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 01 9月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
a delta CRL in addition to a full CRL. Check and search delta in addition to the base.
-
- 29 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Tidy CRL scoring system. Add new CRL path validation error.
-
- 14 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
and CRL signing keys.
-
- 08 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
TODO: robustness checking on name forms.
-
- 27 11月, 2006 1 次提交
-
-
由 Ben Laurie 提交于
-
- 18 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 15 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
handling to support this.
-
- 11 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
callbacks.
-
- 10 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
based on subject name. New thread safe functions to retrieve matching STACK from X509_STORE. Cache some IDP components.
-
- 03 9月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 10 4月, 2005 1 次提交
-
-
由 Richard Levitte 提交于
a security threat on unexpecting applications. Document and test.
-
- 28 12月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
-
- 29 11月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
CA setting in each certificate on the chain is correct. As a side- effect always do the following basic checks on extensions, not just when there's an associated purpose to the check: - if there is an unhandled critical extension (unless the user has chosen to ignore this fault) - if the path length has been exceeded (if one is set at all) - that certain extensions fit the associated purpose (if one has been given)
-
- 01 10月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 18 9月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
-
- 07 9月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.
-
- 20 5月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 19 5月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
when trying to build a shared library on VMS or Windows...
-
- 02 4月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 28 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.
-
- 25 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
I'll remember to try to compile this with warnings enabled next time :-)
-
- 23 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This is currently *very* experimental and needs to be more fully integrated with the main verification code.
-
- 06 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in CRL issuer certificates. Reject CRLs with unhandled (any) critical extensions.
-
- 21 3月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
-
- 21 10月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reject certificates with unhandled critical extensions.
-
- 02 9月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented (initialisation by "memset" won't/can't/doesn't work). This fixes that but requires that X509_STORE_CTX_init() be able to handle errors - so its prototype has been changed to return 'int' rather than 'void'. All uses of that function throughout the source code have been tracked down and adjusted.
-
- 06 8月, 2001 3 次提交
-
-
由 Bodo Möller 提交于
-
由 Bodo Möller 提交于
sourcecode (including fgrep)
-
由 Ben Laurie 提交于
-
- 30 7月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
-
- 10 5月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Purpose and trust setting functions for X509_STORE. Tidy existing code.
-
- 09 5月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
inherited from X509_STORE. Add CRL checking options to other applications.
-
- 08 5月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Initial CRL based revocation checking.
-
- 20 2月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
-