Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -2/+2 |
| | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | ||||
* | plugin-loader: Removed unused path argument of load() method | Tobias Brunner | 2013-06-28 | 1 | -1/+1 |
| | | | | | Multiple additional search paths can be added with the add_path() method. | ||||
* | Fixed Doxygen comments after scanning complete src directory | Tobias Brunner | 2013-03-02 | 2 | -2/+4 |
| | |||||
* | Encode RSA public keys in RFC 3110 DNSKEY format | Andreas Steffen | 2013-02-19 | 2 | -1/+12 |
| | |||||
* | Properly read data from stream in pki --pkcs7 | Tobias Brunner | 2013-01-24 | 1 | -6/+9 |
| | |||||
* | Properly destroy mem_cred object on pki --pkcs7 --help | Tobias Brunner | 2013-01-24 | 1 | -0/+1 |
| | |||||
* | Allocate data returned by pkcs7_t.get_attribute() | Martin Willi | 2012-12-19 | 1 | -0/+1 |
| | |||||
* | Add a --show option to pki --pkcs7 to print contained certificates | Martin Willi | 2012-12-19 | 1 | -1/+50 |
| | |||||
* | pki --pkcs7 --verify shows prints the signing time, if available | Martin Willi | 2012-12-19 | 1 | -1/+17 |
| | |||||
* | Fix leak in pki --pkcs7 --decrypt | Martin Willi | 2012-12-19 | 1 | -0/+1 |
| | |||||
* | Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containers | Martin Willi | 2012-12-19 | 2 | -0/+392 |
| | |||||
* | allow the optional sharing if RSA private keys | Andreas Steffen | 2012-11-22 | 1 | -3/+31 |
| | |||||
* | implemented generation of safe primes | Andreas Steffen | 2012-11-18 | 1 | -7/+20 |
| | |||||
* | Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 4 | -4/+4 |
| | |||||
* | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 4 | -4/+4 |
| | |||||
* | Avoid overrunning array when registering pki command line options | Tobias Brunner | 2012-09-28 | 1 | -1/+1 |
| | |||||
* | Use centralized hasher names in pki utility | Martin Willi | 2012-07-17 | 6 | -45/+8 |
| | |||||
* | Check rng return value when generating serial numbers in pki utility | Tobias Brunner | 2012-07-16 | 2 | -8/+8 |
| | |||||
* | certificate_t->issued_by takes an argument to receive signature scheme | Martin Willi | 2012-06-12 | 1 | -1/+1 |
| | |||||
* | Merge branch 'ikev1' | Martin Willi | 2012-05-02 | 3 | -0/+12 |
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c | ||||
| * | Merge branch 'ikev1-clean' into ikev1-master | Martin Willi | 2012-03-20 | 3 | -0/+12 |
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins. | ||||
| | * | Added support for iKEIntermediate flag to ipsec pki. | Tobias Brunner | 2012-03-20 | 3 | -0/+12 |
| | | | |||||
* | | | ASN.1 two's complement encoding prevents overflow in CRL serial number | Andreas Steffen | 2012-04-04 | 1 | -10/+18 |
| | | | |||||
* | | | moved chunk_skip_zero to chunk.h | Andreas Steffen | 2012-04-03 | 1 | -17/+0 |
| | | | |||||
* | | | remove leading zeros in ASN.1 encoded serial numbers | Andreas Steffen | 2012-03-27 | 1 | -2/+22 |
|/ / | |||||
* | | Cache list of plugin names to further simplify its usage. | Tobias Brunner | 2012-01-19 | 1 | -3/+2 |
| | | | | | | | | Also helpful for ipsec statusall to avoid having to enumerate plugins. | ||||
* | | Log list of loaded plugins in main PKI help output. | Tobias Brunner | 2012-01-19 | 1 | -0/+8 |
| | | |||||
* | | pki: Avoid integer overflow when calculating certificate lifetimes. | Tobias Brunner | 2011-12-23 | 3 | -3/+3 |
|/ | | | | This only works properly if sizeof(time_t) > 4. | ||||
* | Do proper cleanup in error case in pki req. | Tobias Brunner | 2011-04-14 | 1 | -1/+2 |
| | |||||
* | Do proper cleanup in some error cases in pki signcrl. | Tobias Brunner | 2011-04-14 | 1 | -2/+4 |
| | |||||
* | use DN from pkcs10 request if it exists | Andreas Steffen | 2011-02-07 | 1 | -5/+6 |
| | |||||
* | Added support for empty subjects DNs to pki --issue | Martin Willi | 2011-01-05 | 1 | -8/+7 |
| | |||||
* | Use incremented serial of base CRL when signing delta CRL | Martin Willi | 2011-01-05 | 1 | -0/+2 |
| | |||||
* | Slightly renamed different policyConstraints to distinguish them better | Martin Willi | 2011-01-05 | 2 | -12/+12 |
| | |||||
* | Added inhibitAnyPolicy constraint support to pki tool | Martin Willi | 2011-01-05 | 3 | -5/+21 |
| | |||||
* | Use a generic getter for all numerical X.509 constraints | Martin Willi | 2011-01-05 | 1 | -10/+10 |
| | |||||
* | Added support for delta CRLs to pki tool | Martin Willi | 2011-01-05 | 3 | -18/+91 |
| | |||||
* | Simplified format of x509 CRL URI parsing/enumerator | Martin Willi | 2011-01-05 | 2 | -14/+30 |
| | |||||
* | Added policyConstraints support to pki tool | Martin Willi | 2011-01-05 | 4 | -46/+87 |
| | |||||
* | Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵ | Martin Willi | 2011-01-05 | 3 | -3/+3 |
| | | | | PolicyConstraints, too | ||||
* | Added policyMappings support to pki tool | Martin Willi | 2011-01-05 | 3 | -12/+121 |
| | |||||
* | Added certificatePolicy options to pki tool | Martin Willi | 2011-01-05 | 4 | -5/+136 |
| | |||||
* | pki --issue/self support permitted/excluded NameConstraints | Martin Willi | 2011-01-05 | 3 | -19/+57 |
| | |||||
* | pki --print prints NameConstraints | Martin Willi | 2011-01-05 | 1 | -0/+25 |
| | |||||
* | CRLSign keyUsage or CA basicConstraint are sufficient for CRL validation | Martin Willi | 2011-01-05 | 1 | -2/+2 |
| | |||||
* | pki tool shows and builds crlSign keyUsage | Martin Willi | 2011-01-05 | 3 | -2/+14 |
| | |||||
* | Added --crlissuer option to pki --issue | Martin Willi | 2011-01-05 | 2 | -19/+26 |
| | |||||
* | Added support for CRL Issuers to x509 and OpenSSL plugins | Martin Willi | 2011-01-05 | 1 | -3/+8 |
| | |||||
* | Added crl support to pki --print | Martin Willi | 2010-08-30 | 1 | -7/+52 |
| | |||||
* | Build dedicated plugin lists for each strongSwan component | Martin Willi | 2010-08-12 | 1 | -1/+1 |
| |