Dr. Stephen Henson 4ca5efc287 Make OCSP response verification more flexible. ...

If a set of certificates is supplied to OCSP_basic_verify use those in
addition to any present in the OCSP response as untrusted CAs when
verifying a certificate chain.

PR#3668

Reviewed-by: Matt Caswell <matt@openssl.org>

2015-03-24 12:12:49 +00:00

..

aes

Fix undefined behaviour in shifts.

2015-03-13 21:10:13 -07:00

asn1

make depend

2015-03-24 12:05:05 +00:00

bf

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

bio

Fix malloc define typo

2015-03-24 11:33:39 +00:00

bn

Fix probable_prime over large shift

2015-03-17 13:41:49 +00:00

buffer

size_t for buffer functions.

2015-02-13 13:50:36 +00:00

camellia

Fix crash in SPARC T4 XTS.

2015-02-24 10:11:36 +01:00

cast

Dead code cleanup: #if 0 dropped from tests

2015-02-02 11:11:34 -05:00

cmac

make depend

2015-03-24 12:05:05 +00:00

cms

make depend

2015-03-24 12:05:05 +00:00

comp

Dead code removal: #if 0 bio, comp, rand

2015-01-29 21:38:57 -05:00

conf

RT3670: Check return from BUF_MEM_grow_clean

2015-02-12 13:00:42 -05:00

des

make depend

2015-03-24 12:05:05 +00:00

dh

make depend

2015-03-24 12:05:05 +00:00

dsa

make depend

2015-03-24 12:05:05 +00:00

dso

Remove dead code from crypto

2015-03-17 14:48:44 +00:00

ec

make depend

2015-03-24 12:05:05 +00:00

ecdh

Update ordinals, fix error message.

2015-03-15 15:56:24 +00:00

ecdsa

make depend

2015-03-24 12:05:05 +00:00

engine

make depend

2015-03-24 12:05:05 +00:00

err

Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC

2015-03-11 09:29:37 -04:00

evp

make depend

2015-03-24 12:05:05 +00:00

hmac

make depend

2015-03-24 12:05:05 +00:00

idea

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

include/internal

Move some EVP internals to evp_int.h

2015-03-24 12:03:36 +00:00

jpake

JPAKE Makefile missing 'files' target

2015-03-24 11:57:14 +01:00

krb5

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

lhash

Add missing declaration for lh_node_usage_stats

2015-01-28 12:27:23 -05:00

md2

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

md4

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

md5

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

mdc2

make depend

2015-03-24 12:05:05 +00:00

modes

CRYPTO_128_unwrap(): Fix refactoring damage

2015-03-20 23:22:17 +00:00

objects

Unchecked malloc fixes

2015-03-05 09:09:57 +00:00

ocsp

Make OCSP response verification more flexible.

2015-03-24 12:12:49 +00:00

pem

make depend

2015-03-24 12:05:05 +00:00

perlasm

Fix crash in SPARC T4 XTS.

2015-02-24 10:11:36 +01:00

pkcs7

make depend

2015-03-24 12:05:05 +00:00

pkcs12

Remove old ASN.1 code.

2015-03-23 13:15:06 +00:00

pqueue

Dead code removal: #if 0 conf, dso, pqueue, threads

2015-01-30 12:46:49 -05:00

rand

Unchecked malloc fixes

2015-03-05 09:09:57 +00:00

rc2

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

rc4

clang on Linux x86_64 complains about unreachable code.

2015-01-29 01:54:09 +01:00

rc5

ifdef cleanup, part 4a: '#ifdef undef'

2015-01-24 10:58:38 -05:00

ripemd

Dead code: crypto/dh,modes,pkcs12,ripemd,rsa,srp

2015-02-03 11:20:56 -05:00

rsa

make depend

2015-03-24 12:05:05 +00:00

seed

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

sha

sha/asm/sha256-armv4.pl: adapt for use in Linux kernel context.

2015-03-23 13:34:03 +01:00

srp

Dead code: crypto/dh,modes,pkcs12,ripemd,rsa,srp

2015-02-03 11:20:56 -05:00

stack

Fix memset call in stack.c

2015-03-17 13:39:53 +00:00

store

util/mkstack.pl now generates entire safestack.h

2015-02-06 10:47:53 -05:00

threads

Unchecked malloc fixes

2015-03-05 09:09:57 +00:00

ts

make X509_EXTENSION opaque

2015-03-23 18:27:04 +00:00

txt_db

OPENSSL_NO_xxx cleanup: many removals

2015-01-27 10:06:22 -05:00

ui

Assume TERMIOS is default, remove TERMIO on all Linux.

2015-02-21 23:51:05 +01:00

whrlpool

Re-align some comments after running the reformat script.

2015-01-22 09:20:10 +00:00

x509

make depend

2015-03-24 12:05:05 +00:00

x509v3

free NULL cleanup

2015-03-24 07:52:24 -04:00

alphacpuid.pl

alphacpuid.pl: fix alignment bug.

2011-08-12 12:28:52 +00:00

arm64cpuid.pl

Add assembly support to ios64-cross.

2015-01-23 15:38:41 +01:00

arm_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

armcap.c

Add assembly support to ios64-cross.

2015-01-23 15:38:41 +01:00

armv4cpuid.S

Remove inconsistency in ARM support.

2015-01-04 23:45:08 +01:00

c64xpluscpuid.pl

C64x+ assembly pack: make it work with older toolchain.

2014-05-04 16:38:32 +02:00

constant_time_locl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

constant_time_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

cpt_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

cryptlib.c

OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS

2015-01-27 16:43:53 -05:00

cryptlib.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

crypto-lib.com

Catch up the VMS build.

2015-03-05 18:20:06 +01:00

crypto.h

"#if 0" removal: header files

2015-01-27 17:44:12 -05:00

cversion.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ebcdic.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ebcdic.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ex_data.c

Fix memory leak reporting.

2015-02-09 12:53:36 +00:00

fips_err.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

fips_ers.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ia64cpuid.S

IA-64 assembler pack: fix typos and make it work on HP-UX.

2011-05-07 20:36:05 +00:00

install-crypto.com

ui_compat cleanup; makefiles and vms

2015-02-06 16:49:17 -05:00

lock.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_nyi.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_unix.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_vms.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_win32.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_win.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

LPdir_wince.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

Makefile

Move some EVP internals to evp_int.h

2015-03-24 12:03:36 +00:00

md32_common.h

Keep disclaiming 16-bit support.

2015-01-23 19:09:01 +01:00

mem_clr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

mem_dbg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

mem.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_dir_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_dir.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_dir.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_fips.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_init.c

Dead code cleanup: crypto/*.c, x509v3, demos

2015-02-02 11:08:16 -05:00

o_str.c

ifdef cleanup part 3: OPENSSL_SYSNAME

2015-01-23 11:58:26 -05:00

o_str.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

o_time.c

Re-align some comments after running the reformat script.

2015-01-22 09:20:10 +00:00

opensslconf.h.in

RT3548: Remove unsupported platforms

2014-12-28 01:17:52 -05:00

opensslv.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ossl_typ.h

Remove obsolete declarations.

2015-03-12 14:12:17 +00:00

pariscid.pl

PA-RISC assembler pack: switch to bve in 64-bit builds.

2013-06-18 10:37:00 +02:00

ppc_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ppccap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

ppccpuid.pl

aesp8-ppc.pl: fix typos.

2014-06-04 08:34:18 +02:00

s390xcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

s390xcpuid.S

Multiple assembler packs: add experimental memory bus instrumentation.

2011-04-17 12:46:00 +00:00

sparc_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

sparccpuid.S

sparccpuid.S: work around emulator bug on T1.

2013-02-11 10:39:50 +01:00

sparcv9cap.c

Dead code cleanup: crypto/*.c, x509v3, demos

2015-02-02 11:08:16 -05:00

symhacks.h

Remove ui_compat

2015-02-06 14:52:40 -05:00

thr_id.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

uid.c

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

vms_rms.h

Run util/openssl-format-source -v -c .

2015-01-22 09:20:09 +00:00

x86_64cpuid.pl

x86[_64]cpuid.pl: add low-level RDSEED.

2014-02-14 17:24:12 +01:00

x86cpuid.pl

Undo a90081576c94f9f54de1755188a00ccc1760549a

2014-08-09 08:02:20 -04:00