aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/credentials/credential_manager.c
Commit message (Collapse)AuthorAgeFilesLines
* wrapped all pthread_rwlock_t in profilable rwlock_tMartin Willi2008-11-051-24/+23
|
* refactored credential builderMartin Willi2008-09-021-2/+3
| | | | | | | | | allow enumeration of matching builders try a second builder if the first one fails builder clones resources internally on demand caller frees added resources on failure and success stricter handling of non-supported build parts
* completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributesAndreas Steffen2008-08-261-0/+1
|
* corrected captionAndreas Steffen2008-08-011-1/+1
|
* using shared read locks in credential set enumerators to avoid deadlocksMartin Willi2008-07-301-5/+50
|
* handle ID_KEY_ID as a ID_PUBKEY_SHA1 for authenticationMartin Willi2008-05-141-2/+1
|
* some c-libs require _GNU_SOURCE for pthread_rwlockMartin Willi2008-04-231-1/+4
|
* type correctedTobias Brunner2008-04-181-2/+2
|
* added missing bits for credential cachingMartin Willi2008-04-171-29/+47
|
* extended credential_set_t interface by a cache_cert() methodMartin Willi2008-04-171-0/+19
| | | | allows persistent or in-memory caching of fetched certificates
* parallelized trust chain verificationMartin Willi2008-04-161-34/+129
| | | | | | temporary imported certificates are thread-local only read-write locking on credential manager credential sets must be thread-save now
* fixed bad cleanup which results in segfault if no issuer cert found, fixes #43Martin Willi2008-04-071-1/+0
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-2/+3
| | | | for a given certificate
* additional debug line makes certificate status checking more understandableAndreas Steffen2008-04-021-3/+8
|
* some simplifications to trusted_enumerator_tMartin Willi2008-04-011-8/+7
|
* checking pretrusted but bad certificates only onceMartin Willi2008-04-011-13/+18
|
* minor changes in debug outputAndreas Steffen2008-03-311-1/+3
|
* output error message if maximum ca path length is reachedAndreas Steffen2008-03-311-0/+4
|
* utc argument in %#T was missingAndreas Steffen2008-03-311-4/+6
|
* received certificates have least priorityMartin Willi2008-03-311-9/+5
| | | | | fixed manager unlocking
* fixed refcounting in certificate trustchain validationMartin Willi2008-03-311-3/+5
|
* fixed crash if crl fetching failsMartin Willi2008-03-281-6/+12
|
* caching of CRLsMartin Willi2008-03-281-127/+113
|
* replaced get_public() by create_public_enumerator() to try multiple public ↵Martin Willi2008-03-271-110/+205
| | | | keys for signature verification
* use trusted self-signed root CA certificates as trust anchor onlyMartin Willi2008-03-271-6/+16
|
* implemented cert cache flushing, ipsec purgeocspMartin Willi2008-03-271-0/+12
|
* caching of ocsp responses (experimental), no crl caching yetMartin Willi2008-03-261-170/+147
|
* shortened debug outputAndreas Steffen2008-03-211-2/+2
|
* detect trusted self-signed before trust chain verificationAndreas Steffen2008-03-211-4/+14
|
* optimized debug output of credential_manager.cAndreas Steffen2008-03-211-21/+21
|
* cert_cache_t caches subject-issuer relations and subject certificatesMartin Willi2008-03-201-3/+17
| | | | ocsp/crl do not benefit yet due missing lookup function
* fallback to random end entity certificate if trustchain building failsMartin Willi2008-03-201-3/+18
|
* added support for certificate requests for not yet known CAsMartin Willi2008-03-201-0/+19
|
* fixed verification of preinstalled certificatesMartin Willi2008-03-201-1/+1
|
* more trustchain verification improvementsMartin Willi2008-03-201-99/+103
| | | | should fix crl-revoked and two-certs scenarios
* refactored trustchain verification, this should fix #33Martin Willi2008-03-191-329/+114
| | | | moved auth_info/ocsp_response credset wrapper to separate files
* increased debug level in trust chain verification for auditing purposesAndreas Steffen2008-03-191-31/+50
|
* log nextUpdate of crls and ocsp responsesAndreas Steffen2008-03-191-12/+36
|
* fixed stupid bug in fetch_ocsp()Andreas Steffen2008-03-191-1/+1
|
* attempt to achieve consistent debugging outputAndreas Steffen2008-03-191-31/+41
|
* fixed CRL check return value on revoked certificatesMartin Willi2008-03-191-29/+19
| | | | | fixed possible refcounting bugs generic return_null() implementation
* fixed compiler warningMartin Willi2008-03-181-0/+1
|
* made is_newer() a certificate_t methodAndreas Steffen2008-03-181-77/+120
|
* refactored buggy trustchain building, fixed refcount bugMartin Willi2008-03-141-105/+91
|
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-0/+1385
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 04:03:37 +0000