| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | pki: Support complex trustchain and revocation checking in --verify | Martin Willi | 2014-06-04 | 1 | -48/+86 |
| | | |||||
| * | pki: Switch to binary mode on Windows when reading/writing DER to FDs | Martin Willi | 2014-06-04 | 11 | -1/+16 |
| | | |||||
| * | enum: Return boolean result for enum_from_name() lookup | Martin Willi | 2014-05-16 | 5 | -10/+5 |
| | | | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned. | ||||
| * | pki: Fix memory leak when printing unknown AC group OIDs | Tobias Brunner | 2014-04-09 | 1 | -0/+1 |
| | | |||||
| * | pki: Removed extra continue statement | Tobias Brunner | 2014-04-09 | 1 | -1/+0 |
| | | |||||
| * | Added support for msSmartcardLogon EKU | Andreas Steffen | 2014-04-08 | 3 | -2/+14 |
| | | |||||
| * | pki: Support absolute --this/next-update CRL lifetimes | Martin Willi | 2014-03-31 | 1 | -6/+22 |
| | | |||||
| * | pki: Support absolute --not-before/after issued certificate lifetimes | Martin Willi | 2014-03-31 | 1 | -6/+21 |
| | | |||||
| * | pki: Support absolute --not-before/after self-signed certificate lifetimes | Martin Willi | 2014-03-31 | 1 | -5/+22 |
| | | |||||
| * | pki: Support absolute --not-before/after acert lifetimes | Martin Willi | 2014-03-31 | 1 | -7/+26 |
| | | |||||
| * | pki: Implement an acert command to issue attribute certificates | Martin Willi | 2014-03-31 | 1 | -0/+273 |
| | | |||||
| * | pki: Support printing attribute certificates | Martin Willi | 2014-03-31 | 1 | -1/+89 |
| | | |||||
| * | pki: Don't generate negative random serial numbers in X.509 certificates | Martin Willi | 2014-03-31 | 2 | -0/+2 |
| | | | | | According to RFC 5280 4.1.2.2 we MUST force non-negative serial numbers. | ||||
| * | pki: Fix minor resource leak on failure to read the private key in --req5.1.2rc2 | Tobias Brunner | 2014-02-18 | 1 | -1/+2 |
| | | |||||
| * | chunk: Use dynamically allocated buffer in chunk_from_fd() | Martin Willi | 2014-01-23 | 7 | -11/+53 |
| | | | | | | | | | When acting on files, we can use fstat() to estimate the buffer size. On non-file FDs, we dynamically increase an allocated buffer. Additionally we slightly change the function signature to properly handle zero-length files and add appropriate unit tests. | ||||
| * | pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOB | Tobias Brunner | 2013-10-23 | 7 | -10/+42 |
| | | | | | This allows more than one builder to try parsing the data read from STDIN. | ||||
| * | pki: --pub also accepts public keys (i.e. to convert them to a different format) | Tobias Brunner | 2013-09-13 | 1 | -1/+15 |
| | | |||||
| * | pki: Add support to encode public keys in SSH key format | Tobias Brunner | 2013-09-13 | 1 | -1/+1 |
| | | |||||
| * | pki: Add pki --verify man page | Tobias Brunner | 2013-09-13 | 1 | -2/+1 |
| | | |||||
| * | pki: Add pki --pub man page | Tobias Brunner | 2013-09-13 | 1 | -2/+2 |
| | | |||||
| * | pki: Add pki --pkcs7 man page | Tobias Brunner | 2013-09-13 | 1 | -4/+4 |
| | | |||||
| * | pki: Add pki --req man page | Tobias Brunner | 2013-09-13 | 1 | -3/+2 |
| | | |||||
| * | pki: Add pki --signcrl man page | Tobias Brunner | 2013-09-13 | 1 | -6/+6 |
| | | |||||
| * | pki: Add pki --issue man page | Tobias Brunner | 2013-09-13 | 1 | -6/+6 |
| | | |||||
| * | pki: Add pki --self man page | Tobias Brunner | 2013-09-13 | 1 | -2/+2 |
| | | | | | Can be opened with "man pki --self". | ||||
| * | pki: Add pki --gen man page | Tobias Brunner | 2013-09-13 | 1 | -2/+2 |
| | | | | | Can be opened with "man pki --gen". | ||||
| * | Encode RSA public keys in RFC 3110 DNSKEY format | Andreas Steffen | 2013-02-19 | 1 | -1/+1 |
| | | |||||
| * | Properly read data from stream in pki --pkcs7 | Tobias Brunner | 2013-01-24 | 1 | -6/+9 |
| | | |||||
| * | Properly destroy mem_cred object on pki --pkcs7 --help | Tobias Brunner | 2013-01-24 | 1 | -0/+1 |
| | | |||||
| * | Allocate data returned by pkcs7_t.get_attribute() | Martin Willi | 2012-12-19 | 1 | -0/+1 |
| | | |||||
| * | Add a --show option to pki --pkcs7 to print contained certificates | Martin Willi | 2012-12-19 | 1 | -1/+50 |
| | | |||||
| * | pki --pkcs7 --verify shows prints the signing time, if available | Martin Willi | 2012-12-19 | 1 | -1/+17 |
| | | |||||
| * | Fix leak in pki --pkcs7 --decrypt | Martin Willi | 2012-12-19 | 1 | -0/+1 |
| | | |||||
| * | Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containers | Martin Willi | 2012-12-19 | 1 | -0/+391 |
| | | |||||
| * | allow the optional sharing if RSA private keys | Andreas Steffen | 2012-11-22 | 1 | -3/+31 |
| | | |||||
| * | implemented generation of safe primes | Andreas Steffen | 2012-11-18 | 1 | -7/+20 |
| | | |||||
| * | Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 2 | -2/+2 |
| | | |||||
| * | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 4 | -4/+4 |
| | | |||||
| * | Use centralized hasher names in pki utility | Martin Willi | 2012-07-17 | 4 | -8/+8 |
| | | |||||
| * | Check rng return value when generating serial numbers in pki utility | Tobias Brunner | 2012-07-16 | 2 | -8/+8 |
| | | |||||
| * | certificate_t->issued_by takes an argument to receive signature scheme | Martin Willi | 2012-06-12 | 1 | -1/+1 |
| | | |||||
| * | Merge branch 'ikev1' | Martin Willi | 2012-05-02 | 3 | -0/+12 |
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c | ||||
| | * | Merge branch 'ikev1-clean' into ikev1-master | Martin Willi | 2012-03-20 | 3 | -0/+12 |
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins. | ||||
| | | * | Added support for iKEIntermediate flag to ipsec pki. | Tobias Brunner | 2012-03-20 | 3 | -0/+12 |
| | | | | |||||
| * | | | ASN.1 two's complement encoding prevents overflow in CRL serial number | Andreas Steffen | 2012-04-04 | 1 | -10/+18 |
| | | | | |||||
| * | | | moved chunk_skip_zero to chunk.h | Andreas Steffen | 2012-04-03 | 1 | -17/+0 |
| | | | | |||||
| * | | | remove leading zeros in ASN.1 encoded serial numbers | Andreas Steffen | 2012-03-27 | 1 | -2/+22 |
| |/ / | |||||
| * / | pki: Avoid integer overflow when calculating certificate lifetimes. | Tobias Brunner | 2011-12-23 | 3 | -3/+3 |
| |/ | | | | This only works properly if sizeof(time_t) > 4. | ||||
| * | Do proper cleanup in error case in pki req. | Tobias Brunner | 2011-04-14 | 1 | -1/+2 |
| | | |||||
| * | Do proper cleanup in some error cases in pki signcrl. | Tobias Brunner | 2011-04-14 | 1 | -2/+4 |
| | | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |