- 26 Dec, 2012 4 commits
-
-
Dr. Stephen Henson authored
Only store encoded versions of peer and configured signature algorithms. Determine shared signature algorithms and cache the result along with NID equivalents of each algorithm. (backport from HEAD)
-
Dr. Stephen Henson authored
TLS v1.2. These are sent as an extension for clients and during a certificate request for servers. TODO: add support for shared signature algorithms, respect shared algorithms when deciding which ciphersuites and certificates to permit. (backport from HEAD)
-
Dr. Stephen Henson authored
(backport from HEAD)
-
Dr. Stephen Henson authored
Make partial chain chekcing work with EE certificates only. Remove unneeded -trust_other option from tocsp. (Backport from HEAD)
-
- 23 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 21 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 20 Dec, 2012 5 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Support - as a file for standard input or output. Add -badsig option to generate invalid signatures for testing. New -rmd option to specify digest to sign OCSP responses with.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 19 Dec, 2012 4 commits
-
-
Dr. Stephen Henson authored
Add new verify options to set checks. (backport from HEAD)
-
Dr. Stephen Henson authored
Don't verify our own responses. (backport from HEAD)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
modification to the OCSP helper purpose breaks normal OCSP verification. It is no longer needed now we can trust partial chains.
-
- 16 Dec, 2012 1 commit
-
-
Andy Polyakov authored
Submitted by: Pierre Delaage
-
- 14 Dec, 2012 4 commits
-
-
Dr. Stephen Henson authored
(backport from HEAD)
-
Dr. Stephen Henson authored
store instead of the default which is to return an error if we can't build the complete chain. [backport from HEAD]
-
Ben Laurie authored
-
Ben Laurie authored
-
- 13 Dec, 2012 3 commits
-
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
- 12 Dec, 2012 1 commit
-
-
Ben Laurie authored
-
- 06 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
Use -1 to check all extensions in CRLs. Always set flag for freshest CRL.
-
- 05 Dec, 2012 1 commit
-
-
Andy Polyakov authored
-
- 04 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 03 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 01 Dec, 2012 1 commit
-
-
Andy Polyakov authored
-
- 29 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: jean-etienne.schwartz@bull.net In OCSP_basic_varify return an error if X509_STORE_CTX_init fails.
-
- 28 Nov, 2012 1 commit
-
-
Andy Polyakov authored
-
- 26 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 22 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 21 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: Dmitry Belyavsky <beldmit@gmail.com> Fix DH double free if parameter generation fails.
-
- 20 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 19 Nov, 2012 2 commits
-
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
Submitted by: Florian Weimer
-
- 18 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: "Florian Rüchel" <florian.ruechel@ruhr-uni-bochum.de> Correctly handle local machine keys in the capi ENGINE.
-
- 15 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 12 Nov, 2012 1 commit
-
-
Andy Polyakov authored
-