2b522ab450
added $
2008-03-20 09:30:07 +00:00
9be0dc922e
fixed verification of preinstalled certificates
2008-03-20 09:30:02 +00:00
384ebaa57a
included utils/linked_list.h
2008-03-20 09:28:58 +00:00
44ab7c85d7
more trustchain verification improvements
...
should fix crl-revoked and two-certs scenarios
2008-03-20 09:27:57 +00:00
1a9ad33e3b
cleaned up includes
2008-03-20 09:24:22 +00:00
ca7663ece6
CA certificates are allowed to sign OCSP responsed without OCSP_SIGNER flag
2008-03-20 07:21:44 +00:00
48acfe98ae
refactored trustchain verification, this should fix #33
...
moved auth_info/ocsp_response credset wrapper to separate files
2008-03-19 17:54:54 +00:00
84d8ff64cd
increased debug level in trust chain verification for auditing purposes
2008-03-19 17:04:09 +00:00
de7062a280
removed unimplemented private/public key function declarations
2008-03-19 14:21:56 +00:00
cfede7f6e2
The introduced SHA1_NOFINAL hasher was not sufficient for EAP-AKA,
...
as it requires to XOR the key into the hashers state.
A new SHA1 based keyed hash function, implemented as PRF, enables EAP-AKA
and the FIPS-PRF function to properly use the existing SHA1 implementation.
2008-03-19 14:02:52 +00:00
c912c3d382
log nextUpdate of crls and ocsp responses
2008-03-19 13:11:29 +00:00
2590faa330
fixed stupid bug in fetch_ocsp()
2008-03-19 12:36:15 +00:00
ae8715f956
attempt to achieve consistent debugging output
2008-03-19 12:06:38 +00:00
d3a6993777
fixed shared key lookup in stroke
2008-03-19 10:24:51 +00:00
3c448f019b
fixed peer_cfg lookup when omitting IDr
2008-03-19 10:08:59 +00:00
081ae2eb61
fixed CRL check return value on revoked certificates
...
fixed possible refcounting bugs
generic return_null() implementation
2008-03-19 09:44:47 +00:00
a40708e511
fixed compiler warning
2008-03-18 14:06:11 +00:00
bed94c8aeb
added generic payload order rules for notifies
2008-03-18 12:45:23 +00:00
7162be5772
fixed ike_cfg lookup in stroke
2008-03-18 12:40:41 +00:00
4bfa63ed25
added false positive signature check
2008-03-18 12:25:39 +00:00
18be601fcd
added missing test case file ([3607])
2008-03-18 12:16:36 +00:00
d7c529f5a6
creating public key from RSA private key
...
RSA key generation and signature test
2008-03-18 12:13:51 +00:00
8d49b51f8b
made is_newer() a certificate_t method
2008-03-18 10:36:08 +00:00
50045c3b14
better normalized tables for SQL plugin (IDs)
2008-03-18 09:07:04 +00:00
34e281ed32
enforcing x509_flags on certificate construction
2008-03-17 08:06:49 +00:00
d4ba109c9c
fixed CRL revoked certs enumeration
2008-03-17 07:25:32 +00:00
933f80c391
logging to SQL database
2008-03-15 14:17:09 +00:00
72d68379dc
correctly unregister IKE_SA at the bus
2008-03-15 14:08:43 +00:00
8d04f78d07
removed X509_PEER flag; flags are meant to read cert, not to store additional state in cert
...
removed x509_t.set_flags for the reason above
implemented a simple, generic shared_key_t
2008-03-14 15:11:29 +00:00
39ea88f694
credential lookup in mysql/sqlite database
2008-03-14 15:06:42 +00:00
9c410a8806
refactored buggy trustchain building, fixed refcount bug
2008-03-14 15:04:16 +00:00
dbcf4e7451
reduced mysql pool verbosity
2008-03-14 15:03:19 +00:00
8f1596d606
SQL schema for MySQL and SQLite, test data
2008-03-14 07:39:01 +00:00
df3462ddbe
two small fixes
2008-03-13 15:03:06 +00:00
e42db695e2
fixed apidoc grouping
2008-03-13 14:53:57 +00:00
419ee1072e
added NetworkManager prototype DBUS policy, applet config
2008-03-13 14:41:27 +00:00
2d94fdfab7
added old and unmaintained prototype of NetworkManager applet and authenticator
2008-03-13 14:37:11 +00:00
b820f8aa8e
reverted accidentally commited testing config
2008-03-13 14:20:20 +00:00
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
2df655134c
activated svn:keywords on all UML scripts
2008-03-01 10:25:52 +00:00
7a691623c1
support of gnome-terminal in UML testing
2008-02-29 20:17:28 +00:00
37940132a4
take down eth1 interface on alice via ssh
2008-02-29 17:00:07 +00:00
2571708bea
added sleep due to new scheduler in 2.6.24 kernel
2008-02-29 15:52:25 +00:00
a983ce889a
version bumps
2008-02-29 15:51:16 +00:00
b48bdac20b
improved P2P_NAT debugging
2008-02-27 20:30:39 +00:00
e633b1998f
creating sysconfdir if it does not exist
...
moved all directory creations into starters Makefile
2008-02-22 14:50:38 +00:00
a11ea97db8
version bump to 4.2.0
2008-02-15 18:44:29 +00:00
6859f760d9
release of 4.1.11 bug fix version
2008-02-14 21:26:21 +00:00
13aa41d663
added support of --enable-eap-sim
2008-02-14 21:25:38 +00:00
af0de6272d
disable eth1 interface of UML host alice after booting
2008-02-14 21:24:54 +00:00
Andreas Steffen