Viktor Dukhovni d02d80b2e8 Limit scope of CN name constraints ... Don't apply DNS name constraints to the subject CN when there's a least one DNS-ID subjectAlternativeName. Don't apply DNS name constraints to subject CN's that are sufficiently unlike DNS names. Checked name must have at least two labels, with all labels non-empty, no trailing '.' and all hyphens must be internal in each label. In addition to the usual LDH characters, we also allow "_", since some sites use these for hostnames despite all the standards. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>		2018-05-23 11:12:13 -04:00
..
build.info
ext_dat.h
pcy_cache.c	Update copyright year	2018-05-01 13:34:30 +01:00
pcy_data.c	Update copyright year	2018-05-01 13:34:30 +01:00
pcy_int.h
pcy_lib.c
pcy_map.c
pcy_node.c	Update copyright year	2018-05-01 13:34:30 +01:00
pcy_tree.c	Update copyright year	2018-05-01 13:34:30 +01:00
standard_exts.h
v3_addr.c
v3_admis.c
v3_admis.h
v3_akey.c
v3_akeya.c
v3_alt.c
v3_asid.c	Update copyright year	2018-02-27 13:59:42 +00:00
v3_bcons.c
v3_bitst.c
v3_conf.c	Update copyright year	2018-02-27 13:59:42 +00:00
v3_cpols.c	Update copyright year	2018-05-01 13:34:30 +01:00
v3_crld.c
v3_enum.c
v3_extku.c
v3_genn.c
v3_ia5.c
v3_info.c
v3_int.c
v3_lib.c
v3_ncons.c	Limit scope of CN name constraints	2018-05-23 11:12:13 -04:00
v3_pci.c
v3_pcia.c
v3_pcons.c
v3_pku.c
v3_pmaps.c
v3_prn.c
v3_purp.c	v3_purp.c: add locking to x509v3_cache_extensions()	2018-05-03 22:22:37 +02:00
v3_skey.c
v3_sxnet.c
v3_tlsf.c
v3_utl.c
v3err.c	Add missing error code when alloc-return-null	2018-04-26 12:27:46 -04:00