index
:
tteras/strongswan
master
tteras
tteras-release
tteras' strongSwan tree
gitolite
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
src
/
libstrongswan
Commit message (
Collapse
)
Author
Age
Files
Lines
...
*
Check for issuer only if we actually got a CRL
Martin Willi
2011-01-05
1
-7
/
+7
|
*
Check inhibitAnyPolicy in constraints plugin
Martin Willi
2011-01-05
1
-8
/
+53
|
*
Slightly renamed different policyConstraints to distinguish them better
Martin Willi
2011-01-05
3
-32
/
+32
|
*
Added support for inhibitAnyPolicy constraint to x509 plugin
Martin Willi
2011-01-05
4
-33
/
+62
|
*
Use a generic getter for all numerical X.509 constraints
Martin Willi
2011-01-05
4
-38
/
+42
|
*
Check inhibitPolicyMapping in constraints plugin
Martin Willi
2011-01-05
1
-3
/
+53
|
*
Check requireExplicitPolicy in constraints plugin
Martin Willi
2011-01-05
1
-19
/
+109
|
*
Include subject cert to temporary auth info before completing trustchain
Martin Willi
2011-01-05
1
-4
/
+1
|
*
Fail silently when trying to convert IPv6 address to v4 family host
Martin Willi
2011-01-05
1
-0
/
+4
|
*
Pass an additional anchor flag to validate() hook if we reach the root CA
Martin Willi
2011-01-05
4
-8
/
+12
|
*
Always pass auth info to validate(), use pathlen to check for user certificate
Martin Willi
2011-01-05
3
-7
/
+9
|
*
Added support for delta CRLs to x509 plugin
Martin Willi
2011-01-05
5
-7
/
+130
|
*
Moved CRL distribution point building to an exportable function
Martin Willi
2011-01-05
1
-29
/
+43
|
*
Simplified format of x509 CRL URI parsing/enumerator
Martin Willi
2011-01-05
6
-212
/
+144
|
*
Fail on critical extensions in openssl CRLs
Martin Willi
2011-01-05
1
-1
/
+6
|
*
Respect enforce_critical setting in x509 plugin CRLs
Martin Willi
2011-01-05
1
-0
/
+8
|
*
Parse CRL extensions in a switch statement
Martin Willi
2011-01-05
1
-18
/
+24
|
*
Respect policy mappings in certificatePolicy validation
Martin Willi
2011-01-05
1
-24
/
+64
|
*
Validate simple certificatePolicy inheritance
Martin Willi
2011-01-05
1
-0
/
+54
|
*
Added a certificate policy OID auth_cfg constraint
Martin Willi
2011-01-05
2
-0
/
+31
|
*
Added support for policyConstraints to x509 plugin
Martin Willi
2011-01-05
6
-8
/
+147
|
*
Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵
Martin Willi
2011-01-05
4
-6
/
+6
|
|
|
|
PolicyConstraints, too
*
Added policyMappings support to x509 plugin
Martin Willi
2011-01-05
5
-3
/
+152
|
*
Added policyMappings OID identifier
Martin Willi
2011-01-05
1
-1
/
+1
|
*
Added certificatePolicy support to x509 plugin
Martin Willi
2011-01-05
5
-11
/
+188
|
*
Added a null-safe strdup variant
Martin Willi
2011-01-05
2
-1
/
+6
|
*
Fail when parsing unsupported critical extensions in openssl_x509
Martin Willi
2011-01-05
1
-1
/
+5
|
*
Added CertificatePolicy OID identifier
Martin Willi
2011-01-05
1
-3
/
+3
|
*
Added conversion functions between string OIDs and its DER encoding
Martin Willi
2011-01-05
2
-0
/
+110
|
*
Do not parse certificates with invalid version in openssl plugin
Martin Willi
2011-01-05
1
-0
/
+7
|
*
Implemented NameConstraint matching in constraints plugin
Martin Willi
2011-01-05
1
-0
/
+208
|
*
Added support for generating NameConstraints in x509 plugin
Martin Willi
2011-01-05
3
-4
/
+80
|
*
Added support for parsing NameConstraints in x509 plugin
Martin Willi
2011-01-05
1
-0
/
+59
|
*
Added name constraint enumerator to x509 interface
Martin Willi
2011-01-05
3
-1
/
+38
|
*
Migrated x509_cert_t to INIT/METHOD macros
Martin Willi
2011-01-05
1
-144
/
+88
|
*
Moved X509 pathlen constraint checking to constraints plugin
Martin Willi
2011-01-05
2
-17
/
+29
|
*
Added plugin stub for advanced X509 constraint checking
Martin Willi
2011-01-05
6
-0
/
+238
|
*
Added a strncaseeq variant to the string comparison macros
Martin Willi
2011-01-05
1
-1
/
+6
|
*
CRL/OCSP validation stores trustchain information in auth_cfg
Martin Willi
2011-01-05
1
-17
/
+31
|
*
Key strength checking stores all key sizes in auth_cfg, verifies all in ↵
Martin Willi
2011-01-05
2
-75
/
+84
|
|
|
|
complies()
*
Use subject, not issuer, of CRL issuing certificate
Martin Willi
2011-01-05
1
-1
/
+1
|
*
CRLSign keyUsage or CA basicConstraint are sufficient for CRL validation
Martin Willi
2011-01-05
1
-1
/
+1
|
*
Parse and encode crlSign keyUsage flag in x509 plugin
Martin Willi
2011-01-05
1
-10
/
+71
|
*
Added a flag for X509 CRLSign keyUsage
Martin Willi
2011-01-05
1
-0
/
+2
|
*
Remove x509_flag_names, flags do not work with ENUM()
Martin Willi
2011-01-05
3
-35
/
+1
|
*
Use certificate CRLIssuer information to look up cacched CRLs or CDPs
Martin Willi
2011-01-05
1
-50
/
+88
|
*
Added support for CRL Issuers to x509 and OpenSSL plugins
Martin Willi
2011-01-05
6
-65
/
+259
|
*
Added key strength constraints for RSA or ECDSA trustchains
Martin Willi
2011-01-05
3
-0
/
+97
|
*
Migrated psk/pubkey_authenticators to INIT/METHOD macros
Martin Willi
2011-01-05
2
-0
/
+13
|
*
Load plugins only once, even if listed twice
Martin Willi
2011-01-05
1
-0
/
+27
|
[prev]
[next]