aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
...
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for PolicyConstraints,...Martin Willi2011-01-0510-13/+13
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
* Added policyMappings support to x509 pluginMartin Willi2011-01-055-3/+152
* Added policyMappings OID identifierMartin Willi2011-01-051-1/+1
* Added certificatePolicy options to pki toolMartin Willi2011-01-054-5/+136
* Added certificatePolicy support to x509 pluginMartin Willi2011-01-055-11/+188
* Added a null-safe strdup variantMartin Willi2011-01-057-8/+13
* Fail when parsing unsupported critical extensions in openssl_x509Martin Willi2011-01-051-1/+5
* Added CertificatePolicy OID identifierMartin Willi2011-01-051-3/+3
* Added command line tool for OID to DER conversion functionMartin Willi2011-01-053-1/+35
* Added conversion functions between string OIDs and its DER encodingMartin Willi2011-01-052-0/+110
* Do not parse certificates with invalid version in openssl pluginMartin Willi2011-01-051-0/+7
* Implemented NameConstraint matching in constraints pluginMartin Willi2011-01-051-0/+208
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-053-19/+57
* pki --print prints NameConstraintsMartin Willi2011-01-051-0/+25
* Added support for generating NameConstraints in x509 pluginMartin Willi2011-01-053-4/+80
* Added support for parsing NameConstraints in x509 pluginMartin Willi2011-01-051-0/+59
* Added name constraint enumerator to x509 interfaceMartin Willi2011-01-053-1/+38
* Migrated x509_cert_t to INIT/METHOD macrosMartin Willi2011-01-051-144/+88
* Moved X509 pathlen constraint checking to constraints pluginMartin Willi2011-01-052-17/+29
* Added plugin stub for advanced X509 constraint checkingMartin Willi2011-01-057-0/+242
* Added a hook to reset ESP sequence numbersMartin Willi2011-01-052-1/+159
* Accept a suffix to differentiate x509, crl, ecdsa and rsa filesMartin Willi2011-01-051-7/+7
* Use strncaseeq instead of strncasecmpMartin Willi2011-01-055-5/+5
* Added a strncaseeq variant to the string comparison macrosMartin Willi2011-01-051-1/+6
* Added tfc_padding option, changes signature to master changesMartin Willi2011-01-051-1/+5
* CRL/OCSP validation stores trustchain information in auth_cfgMartin Willi2011-01-051-17/+31
* Key strength checking stores all key sizes in auth_cfg, verifies all in compl...Martin Willi2011-01-052-75/+84
* Install "ipsec" script with tools or conftestMartin Willi2011-01-052-1/+6
* Use subject, not issuer, of CRL issuing certificateMartin Willi2011-01-051-1/+1
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-052-3/+3
* Parse and encode crlSign keyUsage flag in x509 pluginMartin Willi2011-01-051-10/+71
* pki tool shows and builds crlSign keyUsageMartin Willi2011-01-053-2/+14
* Added a flag for X509 CRLSign keyUsageMartin Willi2011-01-051-0/+2
* Remove x509_flag_names, flags do not work with ENUM()Martin Willi2011-01-053-35/+1
* Use certificate CRLIssuer information to look up cacched CRLs or CDPsMartin Willi2011-01-051-50/+88
* Added --crlissuer option to pki --issueMartin Willi2011-01-052-19/+26
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-058-70/+269
* Generate payload to rebuild_auth, works with injected unknown payloadsMartin Willi2011-01-051-13/+17
* Move rebuild_auth functionality to a standalone hookMartin Willi2011-01-053-215/+259
* Added key strength constraints support to conftestMartin Willi2011-01-051-0/+11
* Added key strength constraints for RSA or ECDSA trustchainsMartin Willi2011-01-053-0/+97
* Implemented hook to log traffic selectorsMartin Willi2011-01-052-1/+88
* The set_reserved() hook rebuilds AUTH if it mangles ID payload fieldsMartin Willi2011-01-051-33/+214
* Include the used reserved bytes from ID payloads in AUTH calculationMartin Willi2011-01-0512-40/+132
* Migrated psk/pubkey_authenticators to INIT/METHOD macrosMartin Willi2011-01-054-84/+83
* Extended set_reserved hook to mangle sa_payload substructuresMartin Willi2011-01-051-42/+121
* Added substructure enumerators to sa_payload, proposal_substructureMartin Willi2011-01-054-0/+28
* Moved check if packet already encoded to ike_sa, avoids message() hook invoca...Martin Willi2011-01-053-17/+16
* The set_ike_version hook supports version flag manglingMartin Willi2011-01-051-0/+11
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-16 23:18:43 +0000