aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509
Commit message (Collapse)AuthorAgeFilesLines
* x509: Don't include authKeyIdentifier in self-signed certificatesTobias Brunner2014-04-091-1/+1
| | | | | As the comment indicates this was the intention in d7be2906433a7dcfefc1fd732587865688dbfe1b all along.
* x509: Initialize certs when building optionalSignature for OCSP requestsTobias Brunner2014-04-091-1/+1
|
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-081-3/+10
|
* x509: CERT_DECODE actually requires KEY_ANYTobias Brunner2014-03-311-3/+1
| | | | | More specific decoders might still be needed, but the x509 plugin should not care which ones.
* x509: Match acert has_subject() against entityName or holder serialMartin Willi2014-03-311-5/+25
| | | | | This allows us to find attribute certificates for a subject certificate in credential sets.
* x509: Replace the comma separated string AC group builder with a list based oneMartin Willi2014-03-311-5/+5
|
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-311-9/+184
| | | | | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-3/+3
|
* x509: Skip parsing of acert chargingIdentity, as we don't use it anywayMartin Willi2014-03-311-9/+1
|
* x509: Fix some whitespaces and do some minor style cleanups in acertMartin Willi2014-03-311-72/+76
|
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-2/+2
| | | | References #516.
* lib: All settings use configured namespaceTobias Brunner2014-02-122-2/+2
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-3/+4
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-0/+3
|
* certificate_t.has_subject() matches for certificate serialNumberMartin Willi2012-12-191-0/+4
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-246-6/+6
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-246-6/+6
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Properly initialize chunk for extension OID when parsing CRLsTobias Brunner2012-09-281-1/+1
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-163-21/+28
|
* Check rng return value when generating OCSP noncesTobias Brunner2012-07-161-7/+7
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-126-10/+37
|
* Fixed return values of several functions (e.g. return FALSE for pointer types).Tobias Brunner2012-05-311-1/+1
|
* Certificate decoding soft-depends on public key decoding of specific typesMartin Willi2012-05-021-0/+3
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-18/+26
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Added support for iKEIntermediate X.509 extended key usage flag.Tobias Brunner2012-03-201-6/+14
| | | | | | | | Mac OS X requires server certificates to have this flag set.
| * Some whitespace fixes.Tobias Brunner2012-03-201-22/+22
| |
* | Fix whitespacesAdrian-Ken Rueegsegger2012-01-121-12/+12
| |
* | Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.Tobias Brunner2011-12-233-7/+7
| |
* | Properly ASN.1 encode dates in certificates depending on the year.Tobias Brunner2011-12-233-7/+7
| |
* | Log most X.509 related messages in new ASN log group.Tobias Brunner2011-12-165-57/+57
|/
* Fix resource leak in x509_ocsp_responseThomas Egerer2011-11-041-0/+4
|
* Add features support to x509 pluginAndreas Steffen2011-10-261-42/+38
|
* Migrated x509_pkcs10 to INIT/METHOD macrosAndreas Steffen2011-09-291-78/+52
|
* Migrated x509_ocsp_response to INIT/METHOD macrosAndreas Steffen2011-09-291-84/+58
|
* Migrated x509_ocsp_request to INIT/METHOD macrosAndreas Steffen2011-09-281-75/+51
|
* Migrated x509_ac to INIT/METHOD macrosAndreas Steffen2011-09-281-107/+63
|
* Replaced simple iterator usages.Tobias Brunner2011-07-061-3/+3
|
* fixed loop error in parsing of OCSP basic responsesAndreas Steffen2011-04-261-1/+1
|
* Added a (not yet implemented) plugin_t method to reload plugin configurationMartin Willi2011-04-151-0/+1
|
* Added a get_name() function to plugin_t, create_plugin_enumerator enumerates ↵Martin Willi2011-04-151-0/+7
| | | | over plugin_t
* fixed parsing of X.509 certificatePoliciesAndreas Steffen2011-03-111-4/+4
|
* [hopefully] fixed pathlen problem on ARM platformsAndreas Steffen2011-02-101-15/+20
|
* Some typos fixed.Tobias Brunner2011-02-071-1/+1
|
* introduced libstrongswan.x509.enforce_critical parameterAndreas Steffen2011-02-052-4/+4
|
* Properly initialize variable 'critical'.Tobias Brunner2011-02-041-1/+1
|
* Slightly renamed different policyConstraints to distinguish them betterMartin Willi2011-01-051-26/+26
|
* Added support for inhibitAnyPolicy constraint to x509 pluginMartin Willi2011-01-051-33/+57
|
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-051-14/+13
|
* Added support for delta CRLs to x509 pluginMartin Willi2011-01-051-7/+110
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 16:03:26 +0000