2011-01-10 |
Martin Willi | Send INITIAL_CONTACT even if we have a unique policy
|
commit | commitdiff | tree |
2011-01-07 |
Martin Willi | Added NEWS for ipsec.conf certpolicy and key strength...
|
commit | commitdiff | tree |
2011-01-07 |
Martin Willi | Added support for trustchain key strength checking...
|
commit | commitdiff | tree |
2011-01-07 |
Martin Willi | Added a left/rightcertpolicy keyword to specify certificateP...
|
commit | commitdiff | tree |
2011-01-07 |
Martin Willi | Fix nonce comparison in rekey collisions, lowest nonce...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added delta CRL NEWS
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added constraints plugin NEWS
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added conftest NEWS
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added NEWS about INITIAL_CONTACT support
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Destroy existing IKE_SAs with same identities when...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Send INITIAL_CONTACT for the first IKE_SA if it has...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Migrated ike_sa_manager_t to INIT/METHOD macros, some...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added option to use a different key when rebuilding...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Do not print empty DN identities as invalid
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for empty subjects DNs to pki --issue
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for OCSP responder URIs to conftest
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for delta CRL checking to revocation...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Use incremented serial of base CRL when signing delta CRL
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Show base CRL of delta CRLs in listcrls
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Verify trustchain for each candidate certificate only...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Provide CRLs received in CERT payloads to trustchain...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added an AUTH_HELPER for revocation certificates
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for CDPs to conftest
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added CDP support to mem_cred
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Check for issuer only if we actually got a CRL
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Updated conftest README
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for custom file loggers, loglevel settings
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Check inhibitAnyPolicy in constraints plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Slightly renamed different policyConstraints to distinguish...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added inhibitAnyPolicy constraint support to pki tool
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for inhibitAnyPolicy constraint to x509...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Use a generic getter for all numerical X.509 constraints
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Check inhibitPolicyMapping in constraints plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Check requireExplicitPolicy in constraints plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Include subject cert to temporary auth info before...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Fail silently when trying to convert IPv6 address to...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Pass an additional anchor flag to validate() hook if...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Always pass auth info to validate(), use pathlen to...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Merge test config into suite config, instead of having...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for delta CRLs to pki tool
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for delta CRLs to x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Moved CRL distribution point building to an exportable...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Simplified format of x509 CRL URI parsing/enumerator
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Fail on critical extensions in openssl CRLs
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Respect enforce_critical setting in x509 plugin CRLs
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Parse CRL extensions in a switch statement
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Respect policy mappings in certificatePolicy validation
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a cert_policy option to conftest configurations
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Validate simple certificatePolicy inheritance
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a certificate policy OID auth_cfg constraint
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added policyConstraints support to pki tool
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for policyConstraints to x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added policyMappings support to pki tool
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added policyMappings support to x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added policyMappings OID identifier
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added certificatePolicy options to pki tool
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added certificatePolicy support to x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a null-safe strdup variant
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Fail when parsing unsupported critical extensions in...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added CertificatePolicy OID identifier
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added command line tool for OID to DER conversion function
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added conversion functions between string OIDs and...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Do not parse certificates with invalid version in openssl...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Implemented NameConstraint matching in constraints...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | pki --issue/self support permitted/excluded NameConstraints
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | pki --print prints NameConstraints
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for generating NameConstraints in x509...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for parsing NameConstraints in x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added name constraint enumerator to x509 interface
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Migrated x509_cert_t to INIT/METHOD macros
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Moved X509 pathlen constraint checking to constraints...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added plugin stub for advanced X509 constraint checking
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a hook to reset ESP sequence numbers
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Accept a suffix to differentiate x509, crl, ecdsa and...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Use strncaseeq instead of strncasecmp
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a strncaseeq variant to the string comparison...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added tfc_padding option, changes signature to master...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | CRL/OCSP validation stores trustchain information in...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Key strength checking stores all key sizes in auth_cfg...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Install "ipsec" script with tools or conftest
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Use subject, not issuer, of CRL issuing certificate
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | CRLSign keyUsage or CA basicConstraint are sufficient...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Parse and encode crlSign keyUsage flag in x509 plugin
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | pki tool shows and builds crlSign keyUsage
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added a flag for X509 CRLSign keyUsage
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Remove x509_flag_names, flags do not work with ENUM()
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Use certificate CRLIssuer information to look up cacched...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added --crlissuer option to pki --issue
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added support for CRL Issuers to x509 and OpenSSL plugins
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Generate payload to rebuild_auth, works with injected...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Move rebuild_auth functionality to a standalone hook
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added key strength constraints support to conftest
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added key strength constraints for RSA or ECDSA trustchains
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Implemented hook to log traffic selectors
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | The set_reserved() hook rebuilds AUTH if it mangles...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Include the used reserved bytes from ID payloads in...
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Migrated psk/pubkey_authenticators to INIT/METHOD macros
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Extended set_reserved hook to mangle sa_payload substructures
|
commit | commitdiff | tree |
2011-01-05 |
Martin Willi | Added substructure enumerators to sa_payload, proposal_subst...
|
commit | commitdiff | tree |
next |