aboutsummaryrefslogtreecommitdiffstats
path: root/src/pki
Commit message (Collapse)AuthorAgeFilesLines
* pki: Document --online option for pki --verify and all exit codesTobias Brunner2014-06-301-5/+11
|
* pki: Also check for MAX_COMMANDS when building getopt_long argumentsTobias Brunner2014-06-241-1/+1
| | | | Completes 87e53819a6 and 0a8c399a21.
* pki: Support complex trustchain and revocation checking in --verifyMartin Willi2014-06-041-48/+86
|
* pki: Provide a fallback if strptime() not supportedMartin Willi2014-06-041-9/+63
| | | | | For simplicity, we support the default pki datetime format only, but optionally accept four digit years for longer lifetimes.
* pki: Switch to binary mode on Windows when reading/writing DER to FDsMartin Willi2014-06-0413-1/+49
|
* pki: Stop prompting for password when entering empty stringMartin Willi2014-06-041-1/+1
|
* Make sure getpass() is availableTobias Brunner2014-05-291-1/+3
| | | | It's not on Android for example.
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-165-10/+5
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* pki: Fix memory leak when printing unknown AC group OIDsTobias Brunner2014-04-091-0/+1
|
* pki: Removed extra continue statementTobias Brunner2014-04-091-1/+0
|
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-083-2/+14
|
* pki: Document --not-before/after and --dateform options in manpagesMartin Willi2014-03-314-7/+99
|
* pki: Support absolute --this/next-update CRL lifetimesMartin Willi2014-03-311-6/+22
|
* pki: Support absolute --not-before/after issued certificate lifetimesMartin Willi2014-03-312-7/+22
|
* pki: Support absolute --not-before/after self-signed certificate lifetimesMartin Willi2014-03-311-5/+22
|
* pki: Support absolute --not-before/after acert lifetimesMartin Willi2014-03-311-7/+26
|
* pki: Add a certificate lifetime calculation helper functionMartin Willi2014-03-312-1/+69
|
* pki: Add acert and extend pki/print manpagesMartin Willi2014-03-314-2/+115
|
* pki: Implement an acert command to issue attribute certificatesMartin Willi2014-03-313-1/+275
|
* pki: Support printing attribute certificatesMartin Willi2014-03-311-1/+89
|
* pki: Don't generate negative random serial numbers in X.509 certificatesMartin Willi2014-03-312-0/+2
| | | | According to RFC 5280 4.1.2.2 we MUST force non-negative serial numbers.
* pki: When dispatching commands, don't look beyond non-null-terminated arrayMartin Willi2014-03-191-1/+1
|
* pki: Check length of commands array before accessing command in --helpMartin Willi2014-03-191-1/+1
| | | | | | | As --help is counted as command as well, the array is not null-terminated and we have to check for MAX_COMMANDS. Fixes #550.
* pki: Make cmds array static, ensuring that it is zero-initializedMartin Willi2014-02-201-2/+1
| | | | | As pki --help relies on a zero-terminated array, make the actually non-public cmds array static to ensure initialization.
* pki: Fix minor resource leak on failure to read the private key in --req5.1.2rc2Tobias Brunner2014-02-181-1/+2
|
* lib: Add global config namespaceTobias Brunner2014-02-121-1/+1
|
* pki: Declare correct section in pki --issue man pageTobias Brunner2014-01-241-1/+1
|
* chunk: Use dynamically allocated buffer in chunk_from_fd()Martin Willi2014-01-237-11/+53
| | | | | | | | When acting on files, we can use fstat() to estimate the buffer size. On non-file FDs, we dynamically increase an allocated buffer. Additionally we slightly change the function signature to properly handle zero-length files and add appropriate unit tests.
* pki: Make sure no command registers too many optionsTobias Brunner2014-01-232-4/+11
|
* pki: Increase MAX_COMMANDS to cover all currently available commandsTobias Brunner2014-01-231-2/+2
| | | | Fixes #452.
* pki: Print a warning if MAX_COMMANDS is too lowTobias Brunner2014-01-231-0/+7
|
* pki: Properly use ?: when defining option arraysTobias Brunner2014-01-231-2/+2
|
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-237-10/+42
| | | | This allows more than one builder to try parsing the data read from STDIN.
* ignore *.1 manpage filesAndreas Steffen2013-09-171-1/+1
|
* pki: --pub also accepts public keys (i.e. to convert them to a different format)Tobias Brunner2013-09-132-3/+18
|
* pki: Add support to encode public keys in SSH key formatTobias Brunner2013-09-133-4/+16
|
* pki: Don't print an error if no arguments are givenTobias Brunner2013-09-131-1/+1
|
* pki: Install pki(1) as utility directly in $prefix/binTobias Brunner2013-09-1313-86/+85
| | | | ipsec pki is maintained as alias.
* pki: Add example commands to setup a simple CATobias Brunner2013-09-131-0/+75
|
* pki: Add pki --verify man pageTobias Brunner2013-09-134-4/+61
|
* pki: Add pki --pub man pageTobias Brunner2013-09-134-4/+81
|
* pki: Add pki --print man pageTobias Brunner2013-09-133-2/+57
|
* pki: Add pki --keyid man pageTobias Brunner2013-09-133-2/+76
|
* pki: Add pki --pkcs7 man pageTobias Brunner2013-09-134-6/+87
|
* pki: Add pki --req man pageTobias Brunner2013-09-134-5/+97
|
* pki: Add pki --signcrl man pageTobias Brunner2013-09-134-8/+134
|
* pki: Add pki --issue man pageTobias Brunner2013-09-134-8/+189
|
* pki: Add pki --self man pageTobias Brunner2013-09-134-4/+154
| | | | Can be opened with "man pki --self".
* pki: Add pki --gen man pageTobias Brunner2013-09-134-4/+118
| | | | Can be opened with "man pki --gen".
* pki: Add ipsec-pki(8) man pageTobias Brunner2013-09-134-0/+79
| | | | | | | Can be opened either with "man ipsec pki" or "man ipsec-pki". Since man(1) only supports one level of subpages, the forthcoming man pages for each command will have to be opened with "man pki --<command>".
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 06:46:40 +0000