Dr. David von Oheimb 0e7b1383e1 Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued() ...

Move check that cert signing is allowed from x509v3_cache_extensions() to
where it belongs: internal_verify(), generalize it for proxy cert signing.
Correct and simplify check_issued(), now checking self-issued (not: self-signed).
Add test case to 25-test_verify.t that demonstrates successful fix

Fixes #1418

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10587)

2020-07-01 11:14:54 +02:00

..

build.info

Chunk 11 of CMP contribution to OpenSSL: CMP command-line interface

2020-05-13 19:42:00 +02:00

CA.pl.pod

There is no -signreq option in CA.pl

2020-05-21 13:28:14 +02:00

openssl-asn1parse.pod.in

Remove whitespace from 'white space'

2020-06-19 07:59:46 +02:00

openssl-ca.pod.in

Remove whitespace from 'white space'

2020-06-19 07:59:46 +02:00

openssl-ciphers.pod.in

Add cipher list ciphersuites which using encryption algorithm in mode CBC.

2020-06-04 17:45:00 +03:00

openssl-cmds.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-cmp.pod.in

DOC: Spelling fixes

2020-06-18 10:10:48 +03:00

openssl-cms.pod.in

CMS print should support string conversion: docs

2020-06-24 09:56:50 +03:00

openssl-crl2pkcs7.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-crl.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-dgst.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-dhparam.pod.in

doc: remove deprecation notes for apps that are staying.

2020-05-09 09:44:20 +10:00

openssl-dsa.pod.in

doc: remove deprecation notes for apps that are staying.

2020-05-09 09:44:20 +10:00

openssl-dsaparam.pod.in

doc: remove deprecation notes for apps that are staying.

2020-05-09 09:44:20 +10:00

openssl-ec.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-ecparam.pod.in

doc: remove deprecation notes for apps that are staying.

2020-05-09 09:44:20 +10:00

openssl-enc.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-engine.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-errstr.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-fipsinstall.pod.in

Add --fips-key configuration parameter to fipsinstall application.

2020-06-29 12:20:41 +10:00

openssl-gendsa.pod.in

doc: remove deprecation notes for apps that are staying.

2020-05-09 09:44:20 +10:00

openssl-genpkey.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-genrsa.pod.in

Update RSA keygen to use sp800-56b by default

2020-06-10 08:59:56 +10:00

openssl-info.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-kdf.pod.in

kdf: make function naming consistent.

2020-06-11 11:14:21 +10:00

openssl-list.pod.in

evp_rand: documentation

2020-06-24 20:07:46 +10:00

openssl-mac.pod.in

The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*

2020-06-11 11:16:37 +10:00

openssl-nseq.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-ocsp.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-passwd.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-pkcs7.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-pkcs8.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-pkcs12.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-pkey.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-pkeyparam.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-pkeyutl.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-prime.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-provider.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-rand.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-rehash.pod.in

Amend references to "OpenSSL license"

2020-04-29 15:27:22 +02:00

openssl-req.pod.in

Remove whitespace from 'white space'

2020-06-19 07:59:46 +02:00

openssl-rsa.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-rsautl.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-s_client.pod.in

Introducing option SSL_OP_IGNORE_UNEXPECTED_EOF

2020-05-19 19:04:11 +03:00

openssl-s_server.pod.in

Introducing option SSL_OP_IGNORE_UNEXPECTED_EOF

2020-05-19 19:04:11 +03:00

openssl-s_time.pod.in

doc: Random spellchecking

2020-04-28 09:06:04 +10:00

openssl-sess_id.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-smime.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-speed.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-spkac.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl-srp.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-storeutl.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-ts.pod.in

Remove whitespace from 'white space'

2020-06-19 07:59:46 +02:00

openssl-verify.pod.in

Improve documentation, layout, and code comments regarding self-issued certs etc.

2020-07-01 11:14:54 +02:00

openssl-version.pod.in

Update copyright year

2020-04-23 13:55:52 +01:00

openssl-x509.pod.in

Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c

2020-05-15 20:20:08 +02:00

openssl.pod

Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued()

2020-07-01 11:14:54 +02:00

tsget.pod

Update copyright year

2020-04-23 13:55:52 +01:00