aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-113-6/+6
| | | | for IKEv2 anyway
* openssl: Properly log FIPS mode when enabled via openssl.confTobias Brunner2013-09-271-5/+13
| | | | | | | | | Enabling FIPS mode twice will fail, so if it is enabled in openssl.conf it should be disabled in strongswan.conf (or the other way around). Either way, we should log whether FIPS mode is enabled or not. References #412.
* sshkey: Add support for parsing keys from filesTobias Brunner2013-09-131-1/+92
|
* sshkey: Add encoding for ECDSA keysTobias Brunner2013-09-131-0/+72
|
* openssl: Add support for generic encoding of EC public keysTobias Brunner2013-09-131-23/+13
|
* sshkey: Add encoder for RSA keysTobias Brunner2013-09-135-2/+91
|
* openssl: Add generic RSA public key encodingTobias Brunner2013-09-131-3/+17
|
* openssl: Add helper function to convert BIGNUMs to chunksTobias Brunner2013-09-132-0/+27
|
* keychain: be less verbose when loading certificatesMartin Willi2013-07-311-2/+5
|
* keychain: Use AM_CPPFLAGS instead of INCLUDESTobias Brunner2013-07-191-1/+1
|
* credmgr: introduce a hook function to catch trust chain validation errorsMartin Willi2013-07-182-0/+14
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-1844-138/+183
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* soup: omit deprecated g_type_init() when using >= GLIB 2.36Martin Willi2013-07-181-0/+2
|
* keychain: flush certificate cache after reloading System keychainMartin Willi2013-07-181-0/+2
|
* keychain: monitor changes in the system keychain, reload when necessaryMartin Willi2013-07-181-0/+65
|
* keychain: use SearchCopyNext keychain enumeration for System certs as wellMartin Willi2013-07-181-71/+12
| | | | | | | SecItemCopyMatching seems to be problematic regarding memory management. And as there does not seem to be a good alternative to enumerate the System Roots keychain using the SecItemCopyMatching API, we stick to the deprecated enumeration functions for now.
* keychain: load certificates from System Roots KeychainMartin Willi2013-07-181-0/+65
|
* keychain: load certificates only once during startup, improving performanceMartin Willi2013-07-183-111/+78
|
* keychain: support on-the-fly enumeration of trusted/untrusted certificatesMartin Willi2013-07-182-1/+118
|
* keychain: add a stub for a credential plugin using OS X Keychain ServicesMartin Willi2013-07-185-0/+247
|
* openssl: parse X.509 extended key usage from extension parsing loopMartin Willi2013-07-181-33/+38
| | | | | Otherwise parsing gets aborted if unknown critical extensions are handled as error.
* openssl: show which critical X.509 extension is not supportedMartin Willi2013-07-181-1/+6
|
* pkcs12: Add plugin dependencies with soft dependencies on the most common ↵Tobias Brunner2013-07-151-0/+6
| | | | algorithms
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-122-0/+7
|
* Use strpfx() helper where appropriateTobias Brunner2013-07-084-4/+4
|
* openssl: RAND_pseudo_bytes() returns 0 if bytes are not cryptographically strongMartin Willi2013-07-041-9/+6
| | | | For our purposes with RNG_WEAK this is fine, so accept a zero return value.
* plugin-loader: Removed unused path argument of load() methodTobias Brunner2013-06-282-12/+8
| | | | | Multiple additional search paths can be added with the add_path() method.
* plugin-loader: Method added to provide additional search paths for pluginsTobias Brunner2013-06-272-10/+66
|
* plugin-loader: Move logging of failed features to status()Tobias Brunner2013-06-211-7/+11
| | | | | | | | | Still log an error message if critical features fail, as loaded plugins/features are not logged in that case. This way loaded plugins are printed before failed features and the relation is easier to make for users. It also allows programs to log this message on a different level.
* plugin-loader: Add method to print loaded plugins on a given log levelTobias Brunner2013-06-212-0/+18
|
* plugin-loader: Collect statistics while loading features, print them in case ↵Tobias Brunner2013-06-211-69/+40
| | | | | | | features failed to load There is no need to explicitly search for failed features in critical plugins as this is now detected while loading the features.
* plugin-loader: Use different log level if failed feature is in critical pluginTobias Brunner2013-06-211-2/+16
|
* plugin-loader: Log message when failing to load pluginTobias Brunner2013-06-211-0/+8
|
* plugin-loader: Reduce verbosity while loading pluginsTobias Brunner2013-06-211-4/+4
|
* Move test-runners has_feature() function to plugin loaderMartin Willi2013-06-212-0/+38
|
* pubkey: Improve comparison of raw public key certificate objectsTobias Brunner2013-06-211-1/+11
|
* curl: add an option to fetch bound to a local source addressMartin Willi2013-06-111-0/+9
|
* Refactored plugin-loader with improved dependency resolutionTobias Brunner2013-06-112-238/+479
| | | | | | With the new implementation the plugins don't have to be listed in any special order, dependencies are properly resolved. The order only matters if two plugins provide the same feature.
* test-vectors: Use plugin featuresTobias Brunner2013-06-111-1/+12
|
* revocation: Use plugin features with soft dependencies on fetcher and ↵Tobias Brunner2013-06-111-3/+35
| | | | en-/decoding
* padlock: Use plugin features to properly register algorithmsTobias Brunner2013-06-111-39/+43
|
* pkcs11: Use plugin_features_add() in get_features()Tobias Brunner2013-06-111-21/+8
|
* plugin-feature: Added helper function to extend arrays of plugin featuresTobias Brunner2013-06-111-0/+21
|
* constraints: Use plugin features with soft dependency on X.509 decodingTobias Brunner2013-06-111-3/+31
|
* blowfish: Use plugin features to properly register crypterTobias Brunner2013-06-111-8/+13
|
* unbound: Use plugin features and provide RESOLVERTobias Brunner2013-06-111-3/+12
|
* plugin-feature: Add feature for DNSSEC-enabled resolversTobias Brunner2013-06-112-0/+15
|
* plugin-feature: Function added to exactly compare plugin featuresTobias Brunner2013-06-113-4/+66
|
* openssl: add support for IP addr blocks in X.509 certificatesMichael Rossberg2013-05-241-1/+115
|
* af-alg: fix number of signers after adding untruncated HMAC-SHA-512 (1f2a34d6)Martin Willi2013-05-151-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 00:14:36 +0000