bf9a313b9e
x
Love Hörnquist Åstrand
2006-04-01 01:08:52 +00:00
cdc5d08112
x
Love Hörnquist Åstrand
2006-04-01 01:04:35 +00:00
89d2c7f34d
rename missing-crl to missing-revoke
Love Hörnquist Åstrand
2006-04-01 01:04:16 +00:00
002c19e076
revoked cert
Love Hörnquist Åstrand
2006-04-01 01:02:14 +00:00
396411d822
generate crl
Love Hörnquist Åstrand
2006-04-01 01:01:35 +00:00
6d47c9c790
Added crl tests
Love Hörnquist Åstrand
2006-04-01 01:00:22 +00:00
b4f2aeb697
make ca use openssl ca command so we can add ocsp tests, and regen certs
Love Hörnquist Åstrand
2006-04-01 00:41:04 +00:00
4bffd93906
Add revoked ocsp cert test
Love Hörnquist Åstrand
2006-04-01 00:37:54 +00:00
d7379e76d2
rename missing-crl to missing-revoke
Love Hörnquist Åstrand
2006-04-01 00:30:45 +00:00
16d16befdd
refactor code, fix a un-init-ed variable
Love Hörnquist Åstrand
2006-04-01 00:29:23 +00:00
84c0fd6089
rename missing-crl to missing-revoke add ocsp tests
Love Hörnquist Åstrand
2006-04-01 00:28:15 +00:00
ba70d7c12d
Plug one memory leak.
Love Hörnquist Åstrand
2006-03-31 22:26:35 +00:00
1f876a35cb
Renamed generic CRL related errors.
Love Hörnquist Åstrand
2006-03-31 22:23:30 +00:00
8e186125fa
Comments and renamed generic CRL related errors
Love Hörnquist Åstrand
2006-03-31 22:23:10 +00:00
bfbc55c6cc
Add ocsp checker.
Love Hörnquist Åstrand
2006-03-31 22:14:12 +00:00
232ad2f27a
Add id-kp-OCSPSigning
Love Hörnquist Åstrand
2006-03-31 22:12:09 +00:00
352a78dcba
add url-path argument to ocsp-fetch
Love Hörnquist Åstrand
2006-03-31 22:11:32 +00:00
1428ca8c82
implement ocsp-fetch
Love Hörnquist Åstrand
2006-03-31 22:11:05 +00:00
3495cd039b
Update ocsp-fetch.
Love Hörnquist Åstrand
2006-03-31 22:07:55 +00:00
f3b1b0858c
Use HX509_DEFAULT_OCSP_TIME_DIFF.
Love Hörnquist Åstrand
2006-03-31 22:07:26 +00:00
51fc07bc6d
Add ocsp_time_diff to hx509_context
Love Hörnquist Åstrand
2006-03-31 22:06:49 +00:00
ea0cf892aa
(_hx509_verify_signature_bitstring): new function, commonly use when checking certificates
Love Hörnquist Åstrand
2006-03-31 22:05:37 +00:00
de38a60813
(hx509_cms_envelope_1): check for internal ASN.1 encoder error
Love Hörnquist Åstrand
2006-03-31 22:04:52 +00:00
40164d5a9e
Add ocsp glue, use new _hx509_verify_signature_bitstring, add eku checking function.
Love Hörnquist Åstrand
2006-03-31 22:03:13 +00:00
d1bf4b78e6
add id_kp_OCSPSigning.x
Love Hörnquist Åstrand
2006-03-31 21:59:06 +00:00
84c9b66b25
x
Love Hörnquist Åstrand
2006-03-31 21:58:27 +00:00
e1acef0dbc
x
Love Hörnquist Åstrand
2006-03-31 02:58:26 +00:00
0039988d29
gen_files_rfc2459 += ExtKeyUsage.x
Love Hörnquist Åstrand
2006-03-31 02:57:54 +00:00
eae092d168
Add ExtKeyUsage
Love Hörnquist Åstrand
2006-03-31 02:57:34 +00:00
4d9b604abe
Pick out certs in chain.
Love Hörnquist Åstrand
2006-03-31 02:45:00 +00:00
93e4629277
clean ev.data and ev.data.out
Love Hörnquist Åstrand
2006-03-31 02:01:07 +00:00
1ecf995c65
x
Love Hörnquist Åstrand
2006-03-31 02:00:04 +00:00
a36d831663
TODO list
Love Hörnquist Åstrand
2006-03-31 01:58:41 +00:00
d567d58fea
x
Love Hörnquist Åstrand
2006-03-31 01:53:49 +00:00
94e1fd1616
Add code to load OCSPBasicOCSPResponse files, reload crl when its changed on disk.
Love Hörnquist Åstrand
2006-03-31 01:52:33 +00:00
7c1b919893
Update for ocsp merge. handle building path w/o subject (using subject key id)
Love Hörnquist Åstrand
2006-03-31 01:51:22 +00:00
54c42411cb
_hx509_map_file changed prototype.
Love Hörnquist Åstrand
2006-03-31 01:49:37 +00:00
34b94bcd88
_hx509_map_file changed prototype, returns struct stat if requested.
Love Hörnquist Åstrand
2006-03-31 01:48:48 +00:00
3c28ff7607
Add stub for ocsp-fetch, _hx509_map_file changed prototype, add ocsp parsing to verify command.
Love Hörnquist Åstrand
2006-03-31 01:47:31 +00:00
d4919738d7
Add command ocsp-fetch
Love Hörnquist Åstrand
2006-03-31 01:45:47 +00:00
de44f94103
rename HX509_CTX_CRL_MISSING_OK to HX509_CTX_VERIFY_MISSING_OK now that we have OCSP glue
Love Hörnquist Åstrand
2006-03-31 01:43:10 +00:00
39ecd03c1e
Include OCSP.
Love Hörnquist Åstrand
2006-03-31 01:02:16 +00:00
7677242d01
RFC2560 - Online Certificate Status Protocol
Love Hörnquist Åstrand
2006-03-31 01:01:01 +00:00
f9160af5a1
(LDAP_message2entry): in declaration set variable_name as "hdb_entry_ex" (hdb_ldap_common): change "arg" in condition (if) to "search_base" (hdb_ldapi_create): change "serach_base" to "search_base" From Alex V. Labuta.
Love Hörnquist Åstrand
2006-03-30 09:03:27 +00:00
6a3ce9e3ae
Add <krb5-types.h> to make it compile on Solaris, from Alex V. Labuta.
Love Hörnquist Åstrand
2006-03-30 08:57:37 +00:00
3e1be53a7b
x
Love Hörnquist Åstrand
2006-03-30 04:41:10 +00:00
fb6af46d0e
Put all the IMPORTed headers into the headerfile to avoid hidden depencies.
Love Hörnquist Åstrand
2006-03-30 04:40:52 +00:00
c107edc050
x
Love Hörnquist Åstrand
2006-03-30 03:36:53 +00:00
ff8a601d49
(krb5_get_init_creds_opt_set_pkinit); fix prototype
Love Hörnquist Åstrand
2006-03-30 03:36:32 +00:00
145960cda9
Add pool of certificates to help certificate path building for clients sending incomplete path in the signedData.
Love Hörnquist Åstrand
2006-03-30 03:12:06 +00:00
945efb8a96
Add pool of certificates to help certificate path building for clients sending incomplete path in the signedData.
Love Hörnquist Åstrand
2006-03-28 19:57:25 +00:00
4d27cc0683
x
Love Hörnquist Åstrand
2006-03-28 13:13:38 +00:00
654d1bcf68
(_hx509_pbe_decrypt): try all passwords, not just the first one.
Love Hörnquist Åstrand
2006-03-28 13:12:09 +00:00
3cca5384bd
x
Love Hörnquist Åstrand
2006-03-28 04:52:15 +00:00
cd6acf1200
Allow passing in related certificates used to build the chain.
Love Hörnquist Åstrand
2006-03-28 04:38:14 +00:00
27a38bba47
x
Love Hörnquist Åstrand
2006-03-28 03:48:58 +00:00
6f2f155e73
(check_altName): Print the othername oid.
Love Hörnquist Åstrand
2006-03-28 03:48:21 +00:00
2832b00b67
Manual page claims RSA_public_decrypt will return -1 on error, lets check for that
Love Hörnquist Åstrand
2006-03-28 03:46:54 +00:00
6af8c899ad
x
Love Hörnquist Åstrand
2006-03-28 00:04:44 +00:00
8c6b7f98ff
Add id-pkinit-ms-san.
Love Hörnquist Åstrand
2006-03-28 00:03:34 +00:00
905242765a
(log_patype): Add case for KRB5_PADATA_PA_PK_OCSP_RESPONSE.
Love Hörnquist Åstrand
2006-03-27 22:54:50 +00:00
ab4ac9ff66
x
Love Hörnquist Åstrand
2006-03-27 22:52:29 +00:00
2dbb33653c
(PADATA-TYPE): Add KRB5-PADATA-PA-PK-OCSP-RESPONSE
Love Hörnquist Åstrand
2006-03-27 22:52:11 +00:00
7f803fd58d
(_hx509_pbe_decrypt): also try the empty password
Love Hörnquist Åstrand
2006-03-27 22:10:36 +00:00
f4e25d6573
(match_localkeyid): no need to add back the cert to the cert pool, its already there.
Love Hörnquist Åstrand
2006-03-27 22:09:28 +00:00
201f534ca1
Pass on flags, unbreaks last commit.
Love Hörnquist Åstrand
2006-03-27 21:40:56 +00:00
3c795c81d6
x
Love Hörnquist Åstrand
2006-03-27 21:35:22 +00:00
381c1b5a04
Add REQUIRE_SIGNER
Love Hörnquist Åstrand
2006-03-27 21:34:58 +00:00
e3ef13ddb4
(hx509_cert_free): ok to free NULL
Love Hörnquist Åstrand
2006-03-27 21:34:13 +00:00
72e10b58e9
Add new error code SIGNATURE_WITHOUT_SIGNER.
Love Hörnquist Åstrand
2006-03-27 21:33:19 +00:00
f0997e90dc
(_hx509_name_ds_cmp): make DirectoryString case insenstive (hx509_name_to_string): less spacing
Love Hörnquist Åstrand
2006-03-27 21:32:26 +00:00
fbd84cf005
Check for signature error, check consitency of error
Love Hörnquist Åstrand
2006-03-27 21:04:28 +00:00
ca56604415
Spelling
Love Hörnquist Åstrand
2006-03-27 15:44:04 +00:00
a615263222
x
Love Hörnquist Åstrand
2006-03-27 12:51:09 +00:00
abfe7761c2
Add hx509 when using PK-INIT.
Love Hörnquist Åstrand
2006-03-27 12:49:30 +00:00
33790dc4b8
x
Love Hörnquist Åstrand
2006-03-27 04:52:54 +00:00
63170a411d
x
Love Hörnquist Åstrand
2006-03-27 04:35:41 +00:00
28ef233497
(file_init): leak less memory
Love Hörnquist Åstrand
2006-03-27 04:26:37 +00:00
6e3958b47e
(_hx509_collector_alloc): handle errors
Love Hörnquist Åstrand
2006-03-27 04:26:05 +00:00
d275b39ee1
Use ticket flags definition, might fix Mac OS X Kerberos.app problems.
Love Hörnquist Åstrand
2006-03-27 04:22:23 +00:00
Love Hörnquist Åstrand