summaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2021-04-04resolv: fix infinte loop when parsing resolv.confHEADmasterJoakim Sindholt1-1/+1
2020-07-13sysca: add support for a CA bundle fileJoakim Sindholt2-28/+62
2020-07-13cert: liberalize parsing and differentiate EOF from error returnJoakim Sindholt1-26/+28
2020-07-13sysca: use size_t for hash incrementJoakim Sindholt2-5/+4
2020-06-15x509: fix bad keyUsage bit string length calculationJoakim Sindholt1-2/+2
2020-06-15bearssl/pk: fix conversion of ec keysJoakim Sindholt1-0/+1
2020-06-15x509: fix key usage parserJoakim Sindholt1-5/+3
2020-06-10bearssl: properly check fd in exit conditionJoakim Sindholt1-1/+1
2020-06-09bearssl: don't bother reading when the corresponding output is closedJoakim Sindholt1-2/+2
2020-06-09bearssl: fix fd exit conditionJoakim Sindholt1-1/+1
2020-06-09bearssl: always poll output fds for hangupJoakim Sindholt1-2/+2
2020-06-08x509: fallback to _SC_PAGESIZE when PAGESIZE is not availableJoakim Sindholt1-2/+7
2020-05-20man: add NULL envp to posix_spawnJoakim Sindholt1-3/+3
2020-05-19bearssl: do proper cert usage conversionJoakim Sindholt3-1/+19
2020-05-11x509: only match common name on EE certJoakim Sindholt1-6/+10
2020-05-11x509: return status in v{cert,chain}endJoakim Sindholt3-42/+42
2020-05-11add man pageJoakim Sindholt1-0/+209
2020-05-11bearssl: don't pass cn when sni is disabledJoakim Sindholt1-1/+1
2020-05-11dane: reduce UDP buffer to 2kJoakim Sindholt1-1/+1
2020-05-11cert: fix uninitialized newline indicator on empty certsJoakim Sindholt1-0/+1
2020-05-11cleanup and silence some warningsJoakim Sindholt7-11/+9
2020-05-11bearssl: fix off-by-one error on unknown error codesJoakim Sindholt1-1/+1
2020-05-11bearssl: send errors from the x509 validator throughJoakim Sindholt3-8/+42
2020-05-11add error handling with name stack to x509 parsersJoakim Sindholt6-113/+156
2020-05-11main: check arguments more rigorouslyJoakim Sindholt1-0/+11
2020-05-11main: remove detailed usageJoakim Sindholt1-5/+1
2020-05-11main: use 'CN/*' rather than 'CN *' as the latter is confusingJoakim Sindholt1-1/+1
2020-05-11cert: add convenience function to pass to asn1parseJoakim Sindholt4-14/+9
2020-05-11dane: fix tcp timeout calculationJoakim Sindholt1-1/+1
2020-05-11Makefile: add default cflags and config.mak overrideJoakim Sindholt1-0/+3
2020-05-03header cleanupJoakim Sindholt15-14/+26
2020-05-03dane: accept authoritative answers as wellJoakim Sindholt1-5/+7
2020-05-03ta: add tag to fix hashJoakim Sindholt1-6/+15
2020-05-03asn1: fix accidental tag buffer overwritesJoakim Sindholt1-3/+4
2020-05-03add function to retrieve latest asn.1 tag in enter functionJoakim Sindholt3-31/+16
2020-04-28abdicate copyrightJoakim Sindholt1-0/+20
2020-04-28bearssl: properly mark DANE as finished after parsing the cert chainJoakim Sindholt1-2/+5
2020-04-28x509: only activate SAN matching and OCSP callbacks on EE certJoakim Sindholt1-2/+2
2020-04-28x509: bring in line with bearssl's minimal engineJoakim Sindholt4-7/+96
2020-04-28move files intended to be replaced to their own directoryJoakim Sindholt13-11/+22
2020-04-28x509: fix CA/keyUsage on pre-v3 certsJoakim Sindholt5-40/+81
2020-04-28x509: properly disable CA matching when DANE is activeJoakim Sindholt1-1/+1
2020-04-28x509: only check DANE-TA arg certs as trust anchorsJoakim Sindholt1-8/+8
2020-04-28bearssl: add missing constJoakim Sindholt1-1/+1
2020-04-28separate out the DN hash functionJoakim Sindholt4-85/+73
2020-04-28short-circuit CA cert signature validation on issuer/subject mismatchJoakim Sindholt4-12/+71
2020-04-28x509: add missing CN checksJoakim Sindholt1-0/+6
2020-04-28x509: remove leftover prototypesJoakim Sindholt1-4/+0
2020-04-28initial commitJoakim Sindholt56-0/+5818