| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | pki: Support complex trustchain and revocation checking in --verify | Martin Willi | 2014-06-04 | 1 | -48/+86 | |
| | | ||||||
| * | pki: Provide a fallback if strptime() not supported | Martin Willi | 2014-06-04 | 1 | -9/+63 | |
| | | | | | | For simplicity, we support the default pki datetime format only, but optionally accept four digit years for longer lifetimes. | |||||
| * | pki: Switch to binary mode on Windows when reading/writing DER to FDs | Martin Willi | 2014-06-04 | 13 | -1/+49 | |
| | | ||||||
| * | pki: Stop prompting for password when entering empty string | Martin Willi | 2014-06-04 | 1 | -1/+1 | |
| | | ||||||
| * | Make sure getpass() is available | Tobias Brunner | 2014-05-29 | 1 | -1/+3 | |
| | | | | | It's not on Android for example. | |||||
| * | enum: Return boolean result for enum_from_name() lookup | Martin Willi | 2014-05-16 | 5 | -10/+5 | |
| | | | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned. | |||||
| * | pki: Fix memory leak when printing unknown AC group OIDs | Tobias Brunner | 2014-04-09 | 1 | -0/+1 | |
| | | ||||||
| * | pki: Removed extra continue statement | Tobias Brunner | 2014-04-09 | 1 | -1/+0 | |
| | | ||||||
| * | Added support for msSmartcardLogon EKU | Andreas Steffen | 2014-04-08 | 3 | -2/+14 | |
| | | ||||||
| * | pki: Document --not-before/after and --dateform options in manpages | Martin Willi | 2014-03-31 | 4 | -7/+99 | |
| | | ||||||
| * | pki: Support absolute --this/next-update CRL lifetimes | Martin Willi | 2014-03-31 | 1 | -6/+22 | |
| | | ||||||
| * | pki: Support absolute --not-before/after issued certificate lifetimes | Martin Willi | 2014-03-31 | 2 | -7/+22 | |
| | | ||||||
| * | pki: Support absolute --not-before/after self-signed certificate lifetimes | Martin Willi | 2014-03-31 | 1 | -5/+22 | |
| | | ||||||
| * | pki: Support absolute --not-before/after acert lifetimes | Martin Willi | 2014-03-31 | 1 | -7/+26 | |
| | | ||||||
| * | pki: Add a certificate lifetime calculation helper function | Martin Willi | 2014-03-31 | 2 | -1/+69 | |
| | | ||||||
| * | pki: Add acert and extend pki/print manpages | Martin Willi | 2014-03-31 | 4 | -2/+115 | |
| | | ||||||
| * | pki: Implement an acert command to issue attribute certificates | Martin Willi | 2014-03-31 | 3 | -1/+275 | |
| | | ||||||
| * | pki: Support printing attribute certificates | Martin Willi | 2014-03-31 | 1 | -1/+89 | |
| | | ||||||
| * | pki: Don't generate negative random serial numbers in X.509 certificates | Martin Willi | 2014-03-31 | 2 | -0/+2 | |
| | | | | | According to RFC 5280 4.1.2.2 we MUST force non-negative serial numbers. | |||||
| * | pki: When dispatching commands, don't look beyond non-null-terminated array | Martin Willi | 2014-03-19 | 1 | -1/+1 | |
| | | ||||||
| * | pki: Check length of commands array before accessing command in --help | Martin Willi | 2014-03-19 | 1 | -1/+1 | |
| | | | | | | | | As --help is counted as command as well, the array is not null-terminated and we have to check for MAX_COMMANDS. Fixes #550. | |||||
| * | pki: Make cmds array static, ensuring that it is zero-initialized | Martin Willi | 2014-02-20 | 1 | -2/+1 | |
| | | | | | | As pki --help relies on a zero-terminated array, make the actually non-public cmds array static to ensure initialization. | |||||
| * | pki: Fix minor resource leak on failure to read the private key in --req5.1.2rc2 | Tobias Brunner | 2014-02-18 | 1 | -1/+2 | |
| | | ||||||
| * | lib: Add global config namespace | Tobias Brunner | 2014-02-12 | 1 | -1/+1 | |
| | | ||||||
| * | pki: Declare correct section in pki --issue man page | Tobias Brunner | 2014-01-24 | 1 | -1/+1 | |
| | | ||||||
| * | chunk: Use dynamically allocated buffer in chunk_from_fd() | Martin Willi | 2014-01-23 | 7 | -11/+53 | |
| | | | | | | | | | When acting on files, we can use fstat() to estimate the buffer size. On non-file FDs, we dynamically increase an allocated buffer. Additionally we slightly change the function signature to properly handle zero-length files and add appropriate unit tests. | |||||
| * | pki: Make sure no command registers too many options | Tobias Brunner | 2014-01-23 | 2 | -4/+11 | |
| | | ||||||
| * | pki: Increase MAX_COMMANDS to cover all currently available commands | Tobias Brunner | 2014-01-23 | 1 | -2/+2 | |
| | | | | | Fixes #452. | |||||
| * | pki: Print a warning if MAX_COMMANDS is too low | Tobias Brunner | 2014-01-23 | 1 | -0/+7 | |
| | | ||||||
| * | pki: Properly use ?: when defining option arrays | Tobias Brunner | 2014-01-23 | 1 | -2/+2 | |
| | | ||||||
| * | pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOB | Tobias Brunner | 2013-10-23 | 7 | -10/+42 | |
| | | | | | This allows more than one builder to try parsing the data read from STDIN. | |||||
| * | ignore *.1 manpage files | Andreas Steffen | 2013-09-17 | 1 | -1/+1 | |
| | | ||||||
| * | pki: --pub also accepts public keys (i.e. to convert them to a different format) | Tobias Brunner | 2013-09-13 | 2 | -3/+18 | |
| | | ||||||
| * | pki: Add support to encode public keys in SSH key format | Tobias Brunner | 2013-09-13 | 3 | -4/+16 | |
| | | ||||||
| * | pki: Don't print an error if no arguments are given | Tobias Brunner | 2013-09-13 | 1 | -1/+1 | |
| | | ||||||
| * | pki: Install pki(1) as utility directly in $prefix/bin | Tobias Brunner | 2013-09-13 | 13 | -86/+85 | |
| | | | | | ipsec pki is maintained as alias. | |||||
| * | pki: Add example commands to setup a simple CA | Tobias Brunner | 2013-09-13 | 1 | -0/+75 | |
| | | ||||||
| * | pki: Add pki --verify man page | Tobias Brunner | 2013-09-13 | 4 | -4/+61 | |
| | | ||||||
| * | pki: Add pki --pub man page | Tobias Brunner | 2013-09-13 | 4 | -4/+81 | |
| | | ||||||
| * | pki: Add pki --print man page | Tobias Brunner | 2013-09-13 | 3 | -2/+57 | |
| | | ||||||
| * | pki: Add pki --keyid man page | Tobias Brunner | 2013-09-13 | 3 | -2/+76 | |
| | | ||||||
| * | pki: Add pki --pkcs7 man page | Tobias Brunner | 2013-09-13 | 4 | -6/+87 | |
| | | ||||||
| * | pki: Add pki --req man page | Tobias Brunner | 2013-09-13 | 4 | -5/+97 | |
| | | ||||||
| * | pki: Add pki --signcrl man page | Tobias Brunner | 2013-09-13 | 4 | -8/+134 | |
| | | ||||||
| * | pki: Add pki --issue man page | Tobias Brunner | 2013-09-13 | 4 | -8/+189 | |
| | | ||||||
| * | pki: Add pki --self man page | Tobias Brunner | 2013-09-13 | 4 | -4/+154 | |
| | | | | | Can be opened with "man pki --self". | |||||
| * | pki: Add pki --gen man page | Tobias Brunner | 2013-09-13 | 4 | -4/+118 | |
| | | | | | Can be opened with "man pki --gen". | |||||
| * | pki: Add ipsec-pki(8) man page | Tobias Brunner | 2013-09-13 | 4 | -0/+79 | |
| | | | | | | | | Can be opened either with "man ipsec pki" or "man ipsec-pki". Since man(1) only supports one level of subpages, the forthcoming man pages for each command will have to be opened with "man pki --<command>". | |||||
| * | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -2/+2 | |
| | | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | |||||
| * | plugin-loader: Removed unused path argument of load() method | Tobias Brunner | 2013-06-28 | 1 | -1/+1 | |
| | | | | | | Multiple additional search paths can be added with the add_path() method. | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |