aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-0510-13/+13
| | | | PolicyConstraints, too
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
|
* Added policyMappings support to x509 pluginMartin Willi2011-01-055-3/+152
|
* Added policyMappings OID identifierMartin Willi2011-01-051-1/+1
|
* Added certificatePolicy options to pki toolMartin Willi2011-01-054-5/+136
|
* Added certificatePolicy support to x509 pluginMartin Willi2011-01-055-11/+188
|
* Added a null-safe strdup variantMartin Willi2011-01-057-8/+13
|
* Fail when parsing unsupported critical extensions in openssl_x509Martin Willi2011-01-051-1/+5
|
* Added CertificatePolicy OID identifierMartin Willi2011-01-051-3/+3
|
* Added command line tool for OID to DER conversion functionMartin Willi2011-01-053-1/+35
|
* Added conversion functions between string OIDs and its DER encodingMartin Willi2011-01-052-0/+110
|
* Do not parse certificates with invalid version in openssl pluginMartin Willi2011-01-051-0/+7
|
* Implemented NameConstraint matching in constraints pluginMartin Willi2011-01-051-0/+208
|
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-053-19/+57
|
* pki --print prints NameConstraintsMartin Willi2011-01-051-0/+25
|
* Added support for generating NameConstraints in x509 pluginMartin Willi2011-01-053-4/+80
|
* Added support for parsing NameConstraints in x509 pluginMartin Willi2011-01-051-0/+59
|
* Added name constraint enumerator to x509 interfaceMartin Willi2011-01-053-1/+38
|
* Migrated x509_cert_t to INIT/METHOD macrosMartin Willi2011-01-051-144/+88
|
* Moved X509 pathlen constraint checking to constraints pluginMartin Willi2011-01-052-17/+29
|
* Added plugin stub for advanced X509 constraint checkingMartin Willi2011-01-057-0/+242
|
* Added a hook to reset ESP sequence numbersMartin Willi2011-01-052-1/+159
|
* Accept a suffix to differentiate x509, crl, ecdsa and rsa filesMartin Willi2011-01-051-7/+7
|
* Use strncaseeq instead of strncasecmpMartin Willi2011-01-055-5/+5
|
* Added a strncaseeq variant to the string comparison macrosMartin Willi2011-01-051-1/+6
|
* Added tfc_padding option, changes signature to master changesMartin Willi2011-01-051-1/+5
|
* CRL/OCSP validation stores trustchain information in auth_cfgMartin Willi2011-01-051-17/+31
|
* Key strength checking stores all key sizes in auth_cfg, verifies all in ↵Martin Willi2011-01-052-75/+84
| | | | complies()
* Install "ipsec" script with tools or conftestMartin Willi2011-01-052-1/+6
|
* Use subject, not issuer, of CRL issuing certificateMartin Willi2011-01-051-1/+1
|
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-052-3/+3
|
* Parse and encode crlSign keyUsage flag in x509 pluginMartin Willi2011-01-051-10/+71
|
* pki tool shows and builds crlSign keyUsageMartin Willi2011-01-053-2/+14
|
* Added a flag for X509 CRLSign keyUsageMartin Willi2011-01-051-0/+2
|
* Remove x509_flag_names, flags do not work with ENUM()Martin Willi2011-01-053-35/+1
|
* Use certificate CRLIssuer information to look up cacched CRLs or CDPsMartin Willi2011-01-051-50/+88
|
* Added --crlissuer option to pki --issueMartin Willi2011-01-052-19/+26
|
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-058-70/+269
|
* Generate payload to rebuild_auth, works with injected unknown payloadsMartin Willi2011-01-051-13/+17
|
* Move rebuild_auth functionality to a standalone hookMartin Willi2011-01-053-215/+259
| | | | This reverts commit 3c12b239fd55aa36c59eb60224d27af8b8d915d1.
* Added key strength constraints support to conftestMartin Willi2011-01-051-0/+11
|
* Added key strength constraints for RSA or ECDSA trustchainsMartin Willi2011-01-053-0/+97
|
* Implemented hook to log traffic selectorsMartin Willi2011-01-052-1/+88
|
* The set_reserved() hook rebuilds AUTH if it mangles ID payload fieldsMartin Willi2011-01-051-33/+214
|
* Include the used reserved bytes from ID payloads in AUTH calculationMartin Willi2011-01-0512-40/+132
|
* Migrated psk/pubkey_authenticators to INIT/METHOD macrosMartin Willi2011-01-054-84/+83
|
* Extended set_reserved hook to mangle sa_payload substructuresMartin Willi2011-01-051-42/+121
|
* Added substructure enumerators to sa_payload, proposal_substructureMartin Willi2011-01-054-0/+28
|
* Moved check if packet already encoded to ike_sa, avoids message() hook ↵Martin Willi2011-01-053-17/+16
| | | | invocation twice
* The set_ike_version hook supports version flag manglingMartin Willi2011-01-051-0/+11
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-16 18:28:18 +0000