aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/credentials/certificates
Commit message (Collapse)AuthorAgeFilesLines
* certificate: Return signature scheme and parameters from issued_by() methodTobias Brunner2017-11-081-3/+4
| | | | | This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.
* certificates: Use shared destructor for x509_cdp_tTobias Brunner2017-09-182-2/+14
|
* Fix some Doxygen issuesTobias Brunner2016-03-111-5/+5
|
* Refactored certificate management for the vici and stroke interfaces5.4.0dr1Andreas Steffen2015-12-122-30/+130
|
* Changed some certificate_type_names and added x509_flag_namesAndreas Steffen2015-12-113-4/+36
|
* Print OCSP single responsesAndreas Steffen2015-12-112-3/+82
|
* Standardized printing of certificate informationAndreas Steffen2015-12-112-0/+651
| | | | | | | The certificate_printer class allows the printing of certificate information to a text file (usually stdout). This class is used by the pki --print and swanctl --list-certs commands as well as by the stroke plugin.
* Fixed some typosTobias Brunner2015-08-132-2/+2
|
* crl: Undefine <wincrypt.h>'s CRL_REASON_* and use our enum values insteadMartin Willi2014-06-031-8/+20
|
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-081-10/+12
|
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-311-1/+0
| | | | | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-3/+13
|
* ac: Remove unimplemented equals_holder() method from ac_tMartin Willi2014-03-311-8/+0
|
* Remove pluto specific certificate typesTobias Brunner2013-05-082-8/+1
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-242-2/+2
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+3
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-0/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Added support for iKEIntermediate X.509 extended key usage flag.Tobias Brunner2012-03-201-0/+2
| | | | | | | | Mac OS X requires server certificates to have this flag set.
| * Some whitespace fixes.Tobias Brunner2012-03-201-4/+4
| |
* | Fix whitespacesAdrian-Ken Rueegsegger2012-01-121-4/+4
| |
* | Fixed missing initializer compiler warning.Tobias Brunner2011-11-251-2/+2
|/
* Handle certificates being on hold in a CRLThomas Egerer2011-11-042-0/+3
| | | | | | | Certificates which are set on hold in a CRL might be removed from any subsequent CRL. Hence you cannot conclude that a certificate is revoked for good in this case, you would try to retrieve an update CRL to see if the certificate on hold is still on it or not.
* Readded docs for some arguments to global functions.Tobias Brunner2011-07-212-6/+8
| | | | Those were overzealously removed in 28623fc5389829858c78c759a214aa5c64ea26c6.
* Fixed common misspellings.Tobias Brunner2011-07-201-1/+1
| | | | Mostly found by 'codespell'.
* "this" removed from comments.Tobias Brunner2011-07-063-5/+2
|
* [hopefully] fixed pathlen problem on ARM platformsAndreas Steffen2011-02-101-2/+3
|
* Added support for inhibitAnyPolicy constraint to x509 pluginMartin Willi2011-01-051-0/+2
|
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-051-10/+16
|
* Added support for delta CRLs to x509 pluginMartin Willi2011-01-051-0/+15
|
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-051-1/+12
|
* Added support for policyConstraints to x509 pluginMartin Willi2011-01-051-1/+11
|
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-051-1/+1
| | | | PolicyConstraints, too
* Added policyMappings support to x509 pluginMartin Willi2011-01-051-0/+18
|
* Added certificatePolicy support to x509 pluginMartin Willi2011-01-051-0/+20
|
* Added name constraint enumerator to x509 interfaceMartin Willi2011-01-051-0/+8
|
* Added a flag for X509 CRLSign keyUsageMartin Willi2011-01-051-0/+2
|
* Remove x509_flag_names, flags do not work with ENUM()Martin Willi2011-01-052-33/+0
|
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-051-2/+2
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-131-3/+7
|
* Charon uses a generic trunstchain length limit, not only for X509 certificatesMartin Willi2010-07-131-1/+0
|
* Removed is_newer() from certificate_t, obsoleting all implementationsMartin Willi2010-05-211-7/+0
|
* Added generic implementations for crl_is_newer/certificate_is_newerMartin Willi2010-05-214-1/+68
|
* Support TLS client authentication Extended Key Usage in x509 generationMartin Willi2010-01-142-9/+13
|
* X509_IP_ADDR_BLOCKS flag signals the presence of an ipAddrBlock certificate ↵Andreas Steffen2009-12-221-6/+8
| | | | extension
* added create_ipAddrBlock_enumerator() method to x509_tAndreas Steffen2009-12-221-0/+7
|
* list v3 or v4 fingerprintAndreas Steffen2009-11-081-0/+7
|
* implemented path length constraint checkinf for IKEv2Andreas Steffen2009-11-041-1/+2
|
* implemented parsing of pathLenConstraintAndreas Steffen2009-11-041-0/+9
|
* moved .gitignore for poolAndreas Steffen2009-10-151-2/+0
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 04:56:05 +0000