aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Expand)AuthorAgeFilesLines
...
* Check for issuer only if we actually got a CRLMartin Willi2011-01-051-7/+7
* Check inhibitAnyPolicy in constraints pluginMartin Willi2011-01-051-8/+53
* Slightly renamed different policyConstraints to distinguish them betterMartin Willi2011-01-053-32/+32
* Added support for inhibitAnyPolicy constraint to x509 pluginMartin Willi2011-01-054-33/+62
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-054-38/+42
* Check inhibitPolicyMapping in constraints pluginMartin Willi2011-01-051-3/+53
* Check requireExplicitPolicy in constraints pluginMartin Willi2011-01-051-19/+109
* Include subject cert to temporary auth info before completing trustchainMartin Willi2011-01-051-4/+1
* Fail silently when trying to convert IPv6 address to v4 family hostMartin Willi2011-01-051-0/+4
* Pass an additional anchor flag to validate() hook if we reach the root CAMartin Willi2011-01-054-8/+12
* Always pass auth info to validate(), use pathlen to check for user certificateMartin Willi2011-01-053-7/+9
* Added support for delta CRLs to x509 pluginMartin Willi2011-01-055-7/+130
* Moved CRL distribution point building to an exportable functionMartin Willi2011-01-051-29/+43
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-056-212/+144
* Fail on critical extensions in openssl CRLsMartin Willi2011-01-051-1/+6
* Respect enforce_critical setting in x509 plugin CRLsMartin Willi2011-01-051-0/+8
* Parse CRL extensions in a switch statementMartin Willi2011-01-051-18/+24
* Respect policy mappings in certificatePolicy validationMartin Willi2011-01-051-24/+64
* Validate simple certificatePolicy inheritanceMartin Willi2011-01-051-0/+54
* Added a certificate policy OID auth_cfg constraintMartin Willi2011-01-052-0/+31
* Added support for policyConstraints to x509 pluginMartin Willi2011-01-056-8/+147
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for PolicyConstraints,...Martin Willi2011-01-054-6/+6
* Added policyMappings support to x509 pluginMartin Willi2011-01-055-3/+152
* Added policyMappings OID identifierMartin Willi2011-01-051-1/+1
* Added certificatePolicy support to x509 pluginMartin Willi2011-01-055-11/+188
* Added a null-safe strdup variantMartin Willi2011-01-052-1/+6
* Fail when parsing unsupported critical extensions in openssl_x509Martin Willi2011-01-051-1/+5
* Added CertificatePolicy OID identifierMartin Willi2011-01-051-3/+3
* Added conversion functions between string OIDs and its DER encodingMartin Willi2011-01-052-0/+110
* Do not parse certificates with invalid version in openssl pluginMartin Willi2011-01-051-0/+7
* Implemented NameConstraint matching in constraints pluginMartin Willi2011-01-051-0/+208
* Added support for generating NameConstraints in x509 pluginMartin Willi2011-01-053-4/+80
* Added support for parsing NameConstraints in x509 pluginMartin Willi2011-01-051-0/+59
* Added name constraint enumerator to x509 interfaceMartin Willi2011-01-053-1/+38
* Migrated x509_cert_t to INIT/METHOD macrosMartin Willi2011-01-051-144/+88
* Moved X509 pathlen constraint checking to constraints pluginMartin Willi2011-01-052-17/+29
* Added plugin stub for advanced X509 constraint checkingMartin Willi2011-01-056-0/+238
* Added a strncaseeq variant to the string comparison macrosMartin Willi2011-01-051-1/+6
* CRL/OCSP validation stores trustchain information in auth_cfgMartin Willi2011-01-051-17/+31
* Key strength checking stores all key sizes in auth_cfg, verifies all in compl...Martin Willi2011-01-052-75/+84
* Use subject, not issuer, of CRL issuing certificateMartin Willi2011-01-051-1/+1
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-051-1/+1
* Parse and encode crlSign keyUsage flag in x509 pluginMartin Willi2011-01-051-10/+71
* Added a flag for X509 CRLSign keyUsageMartin Willi2011-01-051-0/+2
* Remove x509_flag_names, flags do not work with ENUM()Martin Willi2011-01-053-35/+1
* Use certificate CRLIssuer information to look up cacched CRLs or CDPsMartin Willi2011-01-051-50/+88
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-056-65/+259
* Added key strength constraints for RSA or ECDSA trustchainsMartin Willi2011-01-053-0/+97
* Migrated psk/pubkey_authenticators to INIT/METHOD macrosMartin Willi2011-01-052-0/+13
* Load plugins only once, even if listed twiceMartin Willi2011-01-051-0/+27
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-12 06:03:27 +0000