aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Expand)AuthorAgeFilesLines
...
* tls: Fix some TLS cipher suite enum namesMartin Willi2014-03-311-3/+3
* tls: Include TLS version announced in Client Hello in encrypted premasterMartin Willi2014-03-311-1/+7
* tls: Check for minimal TLS record length before each record iterationMartin Willi2014-03-311-8/+8
* tls: Fix AEAD algorithm filtering, avoid filtering all suites if no AEAD foundMartin Willi2014-03-311-19/+52
* tls: Offer TLS signature schemes in ClientHello in order of preferenceMartin Willi2014-03-311-90/+59
* tls: Define AES-GCM cipher suites from RFC 5288/5289Martin Willi2014-03-311-0/+54
* tls: Implement the TLS AEAD abstraction for real AEAD modesMartin Willi2014-03-314-8/+262
* tls: Separate TLS protection to abstracted AEAD modesMartin Willi2014-03-318-325/+874
* aead: Support custom AEAD salt sizesMartin Willi2014-03-3115-41/+129
* ikev2: Recreate a CHILD_SA that got a hard lifetime expire without rekeyingMartin Willi2014-03-311-0/+12
* revocation: Log error if no OCSP signer candidate foundMartin Willi2014-03-311-1/+1
* revocation: Restrict OCSP signing to specific certificatesMartin Willi2014-03-311-7/+63
* revocation: Don't merge auth config of CLR/OCSP trustchain validationMartin Willi2014-03-311-39/+24
* hashtable: Make key arguments constTobias Brunner2014-03-312-22/+23
* Properly hash pointers for hash tables where appropriateTobias Brunner2014-03-314-71/+7
* kernel-pfroute: Let get_nexthop() default to destination addressTobias Brunner2014-03-311-3/+7
* x509: CERT_DECODE actually requires KEY_ANYTobias Brunner2014-03-311-3/+1
* pkcs1: KEY_ANY public key decoder soft depends on specific decodersTobias Brunner2014-03-311-0/+3
* eap-radius: Add option to not close IKE_SAs on timeouts during interim accout...Tobias Brunner2014-03-311-1/+6
* ikev1: Accept SPI size of any length <= 16 in ISAKMP proposalTobias Brunner2014-03-311-4/+12
* proposal: Don't fail DH proposal matching if peer includes NONETobias Brunner2014-03-311-4/+19
* openac: Remove obsolete openac utilityMartin Willi2014-03-317-744/+1
* pki: Document --not-before/after and --dateform options in manpagesMartin Willi2014-03-314-7/+99
* pki: Support absolute --this/next-update CRL lifetimesMartin Willi2014-03-311-6/+22
* pki: Support absolute --not-before/after issued certificate lifetimesMartin Willi2014-03-312-7/+22
* pki: Support absolute --not-before/after self-signed certificate lifetimesMartin Willi2014-03-311-5/+22
* pki: Support absolute --not-before/after acert lifetimesMartin Willi2014-03-311-7/+26
* pki: Add a certificate lifetime calculation helper functionMartin Willi2014-03-312-1/+69
* ikev2: Cache all received attribute certificates to auth configMartin Willi2014-03-311-1/+27
* ikev2: Send all known and valid attribute certificates for subject certMartin Willi2014-03-311-0/+46
* ikev2: Slightly refactor certificate payload construction to separate functionsMartin Willi2014-03-311-37/+56
* ike: Support encoding of attribute certificates in CERT payloadsMartin Willi2014-03-311-1/+6
* auth-cfg: Declare an attribute certificate helper type to exchange acertsMartin Willi2014-03-313-2/+15
* acert: Implement a plugin finding, validating and evaluating attribute certsMartin Willi2014-03-316-0/+363
* x509: Match acert has_subject() against entityName or holder serialMartin Willi2014-03-311-5/+25
* pki: Add acert and extend pki/print manpagesMartin Willi2014-03-314-2/+115
* pki: Implement an acert command to issue attribute certificatesMartin Willi2014-03-313-1/+275
* pki: Support printing attribute certificatesMartin Willi2014-03-311-1/+89
* pki: Don't generate negative random serial numbers in X.509 certificatesMartin Willi2014-03-312-0/+2
* pem: Support encoding of attribute certificatesMartin Willi2014-03-311-1/+6
* x509: Replace the comma separated string AC group builder with a list based oneMartin Willi2014-03-314-10/+22
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-316-639/+186
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-315-69/+131
* x509: Skip parsing of acert chargingIdentity, as we don't use it anywayMartin Willi2014-03-311-9/+1
* x509: Fix some whitespaces and do some minor style cleanups in acertMartin Willi2014-03-311-72/+76
* ac: Remove unimplemented equals_holder() method from ac_tMartin Willi2014-03-311-8/+0
* unit-tests: Fix filtered enumerator tests on 64-bit big-endian platformsTobias Brunner2014-03-271-12/+12
* unit-tests: Fix memory leak in ntru testsTobias Brunner2014-03-271-3/+5
* unit-test: added missing TEST_FUNCTION macrosAndreas Steffen2014-03-221-8/+16
* openssl: Add default fallback when calculating fingerprints of RSA keysTobias Brunner2014-03-221-1/+15
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-10 17:04:44 +0000