Dr. Stephen Henson
4903abd50a
make X509_EXTENSION opaque
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-23 18:27:04 +00:00
Dr. Stephen Henson
9b0a453190
Make X509_ATTRIBUTE opaque.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-16 15:54:19 +00:00
Matt Caswell
0f113f3ee4
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Viktor Dukhovni
297c67fcd8
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
2014-07-07 19:11:38 +10:00
Viktor Dukhovni
6e661d458f
New peername element in X509_VERIFY_PARAM_ID
...
Declaration, memory management, accessor and documentation.
2014-07-06 01:50:50 +10:00
Viktor Dukhovni
8abffa4a73
Multiple verifier reference identities.
...
Implemented as STACK_OF(OPENSSL_STRING).
2014-06-22 20:32:35 -04:00
Viktor Dukhovni
b3012c698a
Drop hostlen from X509_VERIFY_PARAM_ID.
...
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.
2014-06-22 19:52:44 -04:00
Dr. Stephen Henson
0930251df8
Don't use expired certificates if possible.
...
When looking for the issuer of a certificate, if current candidate is
expired, continue looking. Only return an expired certificate if no valid
certificates are found.
PR#3359
2014-05-25 04:50:15 +01:00
Dr. Stephen Henson
6c21b860ba
Rename vpm_int.h to x509_lcl.h
2014-05-25 04:50:14 +01:00
