aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/credentials
Commit message (Collapse)AuthorAgeFilesLines
* Moving charon to libcharon.Tobias Brunner2010-03-199-2929/+0
|
* Cache queue locking in credential manager corrected.Tobias Brunner2009-12-231-2/+13
|
* Using the thread wrapper in charon, libstrongswan and their plugins.Tobias Brunner2009-12-231-9/+8
|
* Separated the public interfaces of the threading primitives.Tobias Brunner2009-12-232-3/+3
|
* Moved mutex.c to a separate folder in order to cleanly wrap other threading ↵Tobias Brunner2009-12-232-2/+2
| | | | primitives (and utils/mutex.h is now threading.h).
* verify RFC3779 IP address blocks along X.509 certificate trust chainAndreas Steffen2009-12-231-0/+58
|
* implemented path length constraint checkinf for IKEv2Andreas Steffen2009-11-041-10/+26
|
* streamlined output from get_validity()Andreas Steffen2009-10-061-2/+2
|
* Fall back to default credential set lookup if fingerprint lookup failsMartin Willi2009-09-151-1/+5
|
* remove spaces within tabs (\t( )+\t)Martin Willi2009-09-041-1/+1
|
* replaces four spaces by tabs, where appropriateMartin Willi2009-09-044-13/+13
|
* removed trailing spaces ([[:space:]]+$)Martin Willi2009-09-049-141/+141
|
* use only KEY_ID_PUBKEY_SHA1 fingerprint charon internallyMartin Willi2009-08-261-1/+1
|
* updated charon to new fingerprinting APIMartin Willi2009-08-261-46/+41
|
* OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the ↵Tobias Brunner2009-08-142-2/+2
| | | | enums mutex/condvar/rwlock_type_t.
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-309-18/+0
|
* merging changes from portability branch back to trunkTobias Brunner2009-04-302-11/+11
| | | | | important change for developers: %Y replaces %D to print identities!
* merged multi-auth branch back into trunkMartin Willi2009-04-146-935/+151
|
* updated DoxyfileMartin Willi2009-03-246-6/+6
| | | | | | properly close all doxygen groups fixed remaining doxygen warnings
* printf hooks refactored to increase portability (i.e. support for platforms ↵Tobias Brunner2009-03-121-8/+8
| | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
* reimplemented certificate cache:Martin Willi2008-12-151-154/+220
| | | | | | | fixes unsafe certificate caching use fixed array instead of a list fine grained per-slot locking use cache hits for housekeeping
* purge auth_info when IKE_SA is established, releases cert memoryMartin Willi2008-12-092-2/+16
|
* fixed compiler warningTobias Brunner2008-12-031-1/+1
|
* wrapped all pthread_rwlock_t in profilable rwlock_tMartin Willi2008-11-052-38/+37
|
* refactored credential builderMartin Willi2008-09-022-2/+4
| | | | | | | | | allow enumeration of matching builders try a second builder if the first one fails builder clones resources internally on demand caller frees added resources on failure and success stricter handling of non-supported build parts
* completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributesAndreas Steffen2008-08-261-0/+1
|
* ported parts of two-sim branchMartin Willi2008-08-222-4/+39
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* corrected captionAndreas Steffen2008-08-011-1/+1
|
* using shared read locks in credential set enumerators to avoid deadlocksMartin Willi2008-07-303-33/+79
|
* missing FETCH_END caused SEGFAULT in ikev2/rw-hash-and-url scenarioAndreas Steffen2008-07-221-1/+1
|
* handle ID_KEY_ID as a ID_PUBKEY_SHA1 for authenticationMartin Willi2008-05-141-2/+1
|
* some c-libs require _GNU_SOURCE for pthread_rwlockMartin Willi2008-04-231-1/+4
|
* Hash and URL cosmeticsAndreas Steffen2008-04-181-5/+5
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-183-52/+199
|
* type correctedTobias Brunner2008-04-182-3/+3
|
* added missing bits for credential cachingMartin Willi2008-04-171-29/+47
|
* extended credential_set_t interface by a cache_cert() methodMartin Willi2008-04-176-1/+51
| | | | allows persistent or in-memory caching of fetched certificates
* parallelized trust chain verificationMartin Willi2008-04-163-38/+148
| | | | | | temporary imported certificates are thread-local only read-write locking on credential manager credential sets must be thread-save now
* try to cache the same instance of equal certificatesMartin Willi2008-04-071-4/+17
|
* fixed bad cleanup which results in segfault if no issuer cert found, fixes #43Martin Willi2008-04-071-1/+0
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-2/+3
| | | | for a given certificate
* additional debug line makes certificate status checking more understandableAndreas Steffen2008-04-021-3/+8
|
* some simplifications to trusted_enumerator_tMartin Willi2008-04-011-8/+7
|
* checking pretrusted but bad certificates only onceMartin Willi2008-04-011-13/+18
|
* minor changes in debug outputAndreas Steffen2008-03-311-1/+3
|
* output error message if maximum ca path length is reachedAndreas Steffen2008-03-311-0/+4
|
* utc argument in %#T was missingAndreas Steffen2008-03-311-4/+6
|
* received certificates have least priorityMartin Willi2008-03-311-9/+5
| | | | | fixed manager unlocking
* fixed refcounting in certificate trustchain validationMartin Willi2008-03-311-3/+5
|
* fixed crash if crl fetching failsMartin Willi2008-03-281-6/+12
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 22:38:13 +0000