aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509
Commit message (Collapse)AuthorAgeFilesLines
* x509: Check return value when signing attribute certificatesMartin Willi2014-06-041-9/+16
| | | | | | In addition that this lets AC generation fail properly if private key signing fails, it also fixes an issue when compiling on Windows with MinGW 4.8.1, where for some reason the attributeCertificateInfo got encoded incorrectly.
* x509: Undef OCSP_RESPONSE from <wincrypt.h> before using itMartin Willi2014-06-041-0/+5
|
* plugins: Don't link with -rdynamic on WindowsMartin Willi2014-06-041-1/+1
|
* x509: Remove some unused ASN1 OID constantsMartin Willi2014-05-162-25/+0
|
* x509: Don't include authKeyIdentifier in self-signed certificatesTobias Brunner2014-04-091-1/+1
| | | | | As the comment indicates this was the intention in d7be2906433a7dcfefc1fd732587865688dbfe1b all along.
* x509: Initialize certs when building optionalSignature for OCSP requestsTobias Brunner2014-04-091-1/+1
|
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-081-3/+10
|
* x509: CERT_DECODE actually requires KEY_ANYTobias Brunner2014-03-311-3/+1
| | | | | More specific decoders might still be needed, but the x509 plugin should not care which ones.
* x509: Match acert has_subject() against entityName or holder serialMartin Willi2014-03-311-5/+25
| | | | | This allows us to find attribute certificates for a subject certificate in credential sets.
* x509: Replace the comma separated string AC group builder with a list based oneMartin Willi2014-03-311-5/+5
|
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-311-9/+184
| | | | | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-3/+3
|
* x509: Skip parsing of acert chargingIdentity, as we don't use it anywayMartin Willi2014-03-311-9/+1
|
* x509: Fix some whitespaces and do some minor style cleanups in acertMartin Willi2014-03-311-72/+76
|
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-2/+2
| | | | References #516.
* lib: All settings use configured namespaceTobias Brunner2014-02-122-2/+2
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-3/+4
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-0/+3
|
* certificate_t.has_subject() matches for certificate serialNumberMartin Willi2012-12-191-0/+4
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-246-6/+6
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-246-6/+6
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Properly initialize chunk for extension OID when parsing CRLsTobias Brunner2012-09-281-1/+1
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-163-21/+28
|
* Check rng return value when generating OCSP noncesTobias Brunner2012-07-161-7/+7
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-126-10/+37
|
* Fixed return values of several functions (e.g. return FALSE for pointer types).Tobias Brunner2012-05-311-1/+1
|
* Certificate decoding soft-depends on public key decoding of specific typesMartin Willi2012-05-021-0/+3
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-18/+26
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Added support for iKEIntermediate X.509 extended key usage flag.Tobias Brunner2012-03-201-6/+14
| | | | | | | | Mac OS X requires server certificates to have this flag set.
| * Some whitespace fixes.Tobias Brunner2012-03-201-22/+22
| |
* | Fix whitespacesAdrian-Ken Rueegsegger2012-01-121-12/+12
| |
* | Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.Tobias Brunner2011-12-233-7/+7
| |
* | Properly ASN.1 encode dates in certificates depending on the year.Tobias Brunner2011-12-233-7/+7
| |
* | Log most X.509 related messages in new ASN log group.Tobias Brunner2011-12-165-57/+57
|/
* Fix resource leak in x509_ocsp_responseThomas Egerer2011-11-041-0/+4
|
* Add features support to x509 pluginAndreas Steffen2011-10-261-42/+38
|
* Migrated x509_pkcs10 to INIT/METHOD macrosAndreas Steffen2011-09-291-78/+52
|
* Migrated x509_ocsp_response to INIT/METHOD macrosAndreas Steffen2011-09-291-84/+58
|
* Migrated x509_ocsp_request to INIT/METHOD macrosAndreas Steffen2011-09-281-75/+51
|
* Migrated x509_ac to INIT/METHOD macrosAndreas Steffen2011-09-281-107/+63
|
* Replaced simple iterator usages.Tobias Brunner2011-07-061-3/+3
|
* fixed loop error in parsing of OCSP basic responsesAndreas Steffen2011-04-261-1/+1
|
* Added a (not yet implemented) plugin_t method to reload plugin configurationMartin Willi2011-04-151-0/+1
|
* Added a get_name() function to plugin_t, create_plugin_enumerator enumerates ↵Martin Willi2011-04-151-0/+7
| | | | over plugin_t
* fixed parsing of X.509 certificatePoliciesAndreas Steffen2011-03-111-4/+4
|
* [hopefully] fixed pathlen problem on ARM platformsAndreas Steffen2011-02-101-15/+20
|
* Some typos fixed.Tobias Brunner2011-02-071-1/+1
|
* introduced libstrongswan.x509.enforce_critical parameterAndreas Steffen2011-02-052-4/+4
|
* Properly initialize variable 'critical'.Tobias Brunner2011-02-041-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 01:09:33 +0000