aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/config/credentials
Commit message (Collapse)AuthorAgeFilesLines
* ignoring unkown crl/ocsp urisMartin Willi2007-07-041-2/+8
|
* moved assignment of CERT_UNKNOWN4.1.3Andreas Steffen2007-05-251-2/+2
|
* log trust pathlenAndreas Steffen2007-05-251-4/+6
|
* included a certificate label in the is_trusted() methodAndreas Steffen2007-05-251-8/+6
|
* DBG1 level now shows stepping up through the certifiate hierarchy up to the ↵Andreas Steffen2007-05-251-2/+2
| | | | trust anchor
* set certinfo status to CERT_UNKNOWN before crl and|or ocsp verificationAndreas Steffen2007-05-251-3/+7
|
* fixed nextUpdate and until behaviour in the non-strict caseAndreas Steffen2007-05-191-10/+8
|
* support of CA-based ipsec policiesAndreas Steffen2007-05-181-40/+40
|
* verification of locally loaded peer certificatesAndreas Steffen2007-05-151-87/+92
|
* support of multiple certificates with same peer idAndreas Steffen2007-05-151-36/+74
|
* changing UID/GID after startup of pluto/charonMartin Willi2007-05-071-1/+3
| | | | added --with-uid/--with-gid configure option
* implementation of strictcrlpolicy=ifuriAndreas Steffen2007-04-202-46/+56
|
* started support of X.509 attribute certificatesAndreas Steffen2007-04-121-21/+93
|
* removed list_crls() and list_ocsp() methodsAndreas Steffen2007-04-061-57/+2
|
* support cachecrls=yesAndreas Steffen2007-04-051-5/+13
|
* implemented dynamic http-based CRL fetchingAndreas Steffen2007-04-031-8/+3
|
* merged changes from eap-aka trunkMartin Willi2007-03-281-15/+48
|
* is_trusted() adds cert_status to cert_to_be_trustedAndreas Steffen2007-03-281-3/+37
|
* implemented ipsec listocsp functionAndreas Steffen2007-03-271-5/+32
|
* results from the single responses is stored in the corresponding certinfo_t ↵Andreas Steffen2007-03-121-2/+2
| | | | structs
* moved credential_store.h from charon/config/credentials to libstrongswanAndreas Steffen2007-03-092-286/+1
|
* fixed a certinfo_t memory leak in verify()Andreas Steffen2007-03-091-1/+4
|
* ocsp signer certificate and ocsp response signature can be verifiedAndreas Steffen2007-03-082-3/+69
|
* fixed call of add_auth_certificate()Andreas Steffen2007-03-082-7/+9
|
* generalized get_ca_certificate() to get_auth_certificate(auth_flags)Andreas Steffen2007-03-082-7/+9
|
* support if ocsp signing certificatesAndreas Steffen2007-03-082-61/+97
|
* add crl and ocsp uris to linked list after partial verificationAndreas Steffen2007-03-061-22/+35
|
* refactored ca_info_tAndreas Steffen2007-03-032-166/+115
|
* added support for 0.0.0.0/0 traffic selectorsMartin Willi2007-03-011-1/+3
| | | | fixed routing to make correct 0.0.0.0/0 routes
* added support of OCSP accessLocationsAndreas Steffen2007-02-251-5/+17
|
* full support of ca info recordsAndreas Steffen2007-02-242-22/+111
|
* support of ca info recordsAndreas Steffen2007-02-232-0/+45
|
* %T requires time_t ptrAndreas Steffen2007-02-081-1/+1
|
* better split up of library files "types.h" & "definitions.h"Martin Willi2006-10-313-9/+6
| | | | | | | | | centralized all printf specifier character definitions reuse of arginfo handlers more cleanups fixed more AMD64 issues added DEBUG_LEVEL compile flag to exclude DBGn() statements
* moved typedefs to beginning of files to solve some include problemsMartin Willi2006-10-303-8/+8
| | | | | | | splitted authenticator to have a separate implementation for each auth_method_t using va_copy to clone va_lists, should fix proplems on AMD64 some other cleanups
* support of certreq payload in IKE_AUTH messagesAndreas Steffen2006-10-282-0/+39
|
* added method get_ca_certificate()Andreas Steffen2006-10-282-10/+54
|
* improved signal handling and emittingMartin Willi2006-10-261-46/+46
|
* removed deprecated iterator methods (has_next & current)Martin Willi2006-10-241-52/+33
| | | | added iterator hook to manipulate iterator the clean way
* linked list cleanupsMartin Willi2006-10-241-52/+7
| | | | | added list methods invoke(), destroy_offset(), destroy_function() simplified list destruction when destroying its items
* introduced new logging subsystem using bus:Martin Willi2006-10-182-168/+83
| | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more...
* introduced printf() specifiers for:Martin Willi2006-09-271-2/+2
| | | | | | | | | | | host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
* support of encrypted private key filesAndreas Steffen2006-09-201-1/+19
|
* fixed the ids parsing bugAndreas Steffen2006-09-191-1/+4
|
* fixed memleakMartin Willi2006-09-181-10/+27
| | | | | fixed proper handling of id parsing errors proper return value when no PSK found
* added PSK supportAndreas Steffen2006-09-182-22/+273
|
* updated copyright informationMartin Willi2006-07-071-1/+2
|
* support of cert payloadsAndreas Steffen2006-07-032-55/+163
|
* added X.509 trust chain verificationAndreas Steffen2006-06-272-4/+248
|
* readded local_credential_storeMartin Willi2006-06-203-67/+130
| | | | | | added sendcert policy to connection some other cleanups
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-28 22:06:23 +0000