aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Include subject cert to temporary auth info before completing trustchainMartin Willi2011-01-051-4/+1
|
* Fail silently when trying to convert IPv6 address to v4 family hostMartin Willi2011-01-051-0/+4
|
* Pass an additional anchor flag to validate() hook if we reach the root CAMartin Willi2011-01-054-8/+12
|
* Always pass auth info to validate(), use pathlen to check for user certificateMartin Willi2011-01-053-7/+9
|
* Merge test config into suite config, instead of having two distinct configsMartin Willi2011-01-052-24/+6
|
* Added support for delta CRLs to pki toolMartin Willi2011-01-053-18/+91
|
* Added support for delta CRLs to x509 pluginMartin Willi2011-01-055-7/+130
|
* Moved CRL distribution point building to an exportable functionMartin Willi2011-01-051-29/+43
|
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-059-231/+179
|
* Fail on critical extensions in openssl CRLsMartin Willi2011-01-051-1/+6
|
* Respect enforce_critical setting in x509 plugin CRLsMartin Willi2011-01-051-0/+8
|
* Parse CRL extensions in a switch statementMartin Willi2011-01-051-18/+24
|
* Respect policy mappings in certificatePolicy validationMartin Willi2011-01-051-24/+64
|
* Added a cert_policy option to conftest configurationsMartin Willi2011-01-051-1/+6
|
* Validate simple certificatePolicy inheritanceMartin Willi2011-01-051-0/+54
|
* Added a certificate policy OID auth_cfg constraintMartin Willi2011-01-052-0/+31
|
* Added policyConstraints support to pki toolMartin Willi2011-01-054-46/+87
|
* Added support for policyConstraints to x509 pluginMartin Willi2011-01-056-8/+147
|
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-0510-13/+13
| | | | PolicyConstraints, too
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
|
* Added policyMappings support to x509 pluginMartin Willi2011-01-055-3/+152
|
* Added policyMappings OID identifierMartin Willi2011-01-051-1/+1
|
* Added certificatePolicy options to pki toolMartin Willi2011-01-054-5/+136
|
* Added certificatePolicy support to x509 pluginMartin Willi2011-01-055-11/+188
|
* Added a null-safe strdup variantMartin Willi2011-01-057-8/+13
|
* Fail when parsing unsupported critical extensions in openssl_x509Martin Willi2011-01-051-1/+5
|
* Added CertificatePolicy OID identifierMartin Willi2011-01-051-3/+3
|
* Added conversion functions between string OIDs and its DER encodingMartin Willi2011-01-052-0/+110
|
* Do not parse certificates with invalid version in openssl pluginMartin Willi2011-01-051-0/+7
|
* Implemented NameConstraint matching in constraints pluginMartin Willi2011-01-051-0/+208
|
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-053-19/+57
|
* pki --print prints NameConstraintsMartin Willi2011-01-051-0/+25
|
* Added support for generating NameConstraints in x509 pluginMartin Willi2011-01-053-4/+80
|
* Added support for parsing NameConstraints in x509 pluginMartin Willi2011-01-051-0/+59
|
* Added name constraint enumerator to x509 interfaceMartin Willi2011-01-053-1/+38
|
* Migrated x509_cert_t to INIT/METHOD macrosMartin Willi2011-01-051-144/+88
|
* Moved X509 pathlen constraint checking to constraints pluginMartin Willi2011-01-052-17/+29
|
* Added plugin stub for advanced X509 constraint checkingMartin Willi2011-01-056-0/+238
|
* Added a hook to reset ESP sequence numbersMartin Willi2011-01-052-1/+159
|
* Accept a suffix to differentiate x509, crl, ecdsa and rsa filesMartin Willi2011-01-051-7/+7
|
* Use strncaseeq instead of strncasecmpMartin Willi2011-01-055-5/+5
|
* Added a strncaseeq variant to the string comparison macrosMartin Willi2011-01-051-1/+6
|
* Added tfc_padding option, changes signature to master changesMartin Willi2011-01-051-1/+5
|
* CRL/OCSP validation stores trustchain information in auth_cfgMartin Willi2011-01-051-17/+31
|
* Key strength checking stores all key sizes in auth_cfg, verifies all in ↵Martin Willi2011-01-052-75/+84
| | | | complies()
* Install "ipsec" script with tools or conftestMartin Willi2011-01-051-1/+5
|
* Use subject, not issuer, of CRL issuing certificateMartin Willi2011-01-051-1/+1
|
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-052-3/+3
|
* Parse and encode crlSign keyUsage flag in x509 pluginMartin Willi2011-01-051-10/+71
|
* pki tool shows and builds crlSign keyUsageMartin Willi2011-01-053-2/+14
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-20 19:21:08 +0000