Age | Commit message (Expand) | Author |
2021-01-23 | Handle write() errors. | tobhe |
2021-01-23 | Handle errors and truncated output from snprintf(). | tobhe |
2020-06-10 | Cast imsg->data to char pointer to silence GCC warning | kn |
2020-04-25 | Document 'ikectl show sa'. | tobhe |
2020-03-22 | Add 'ikectl show sa' command to print information about the state of | tobhe |
2020-03-18 | Add 'ikectl reset id <ID>' command to reset all SAs from policies with | tobhe |
2019-05-08 | convert system() calls to an execv() like interface. | Ted Unangst |
2019-02-26 | ikectl's built-in CA command for simple configurations has a fixed certificate | Stuart Henderson |
2018-06-18 | fix memory leak: freeaddrinfo() the data from getaddrinfo(). | Sebastian Benoit |
2017-11-08 | Since r1.41 the extensions are included in the CSR. Thus ca_request() | Patrick Wildt |
2017-06-08 | Invoke openssl with -passin file rather than -key in ca_revoke(). | Jonathan Gray |
2017-05-31 | ca_revoke() gets called two ways. Directly from ca_opt() with keyname | Jonathan Gray |
2017-05-24 | Set REQ_EXT in req section so ikectl ca certificate revoke will work again. | Jonathan Gray |
2017-05-21 | A few more freezero() uses | Theo de Raadt |
2017-03-29 | set REQ_EXT to x509v3_CA, fixing "ikectl ca XX create" inadvertently broken | Stuart Henderson |
2017-01-31 | Teach ikectl to include extensions in the CSR, rather than just adding them | Stuart Henderson |
2016-09-11 | Files in /etc/ssl belong to root. ok deraadt | Martin Natano |
2016-06-14 | Remove unused variable, found by clang | Reyk Floeter |
2016-03-01 | add LIBCRYPTO to DPADD | Gleydson Soares |
2015-12-05 | EAGAIN handling for imsg_read. OK henning@ benno@ | Claudio Jeker |
2015-11-10 | With ikectl now requiring ca specific sections not present in the | Jonathan Gray |
2015-11-06 | Use pledge in ikectl. For now one request for sending imsgs to iked | Jonathan Gray |
2015-11-02 | switch from using sha1 to sha256 | Jonathan Gray |
2015-11-02 | sign csrs with openssl ca instead of x509 -req | Jonathan Gray |
2015-11-02 | sign csrs with openssl ca instead of x509 -req | Jonathan Gray |
2015-11-02 | Accept an ocsp option when creating certificates to set the extended | Jonathan Gray |
2015-09-07 | append a slash immediately after a file system path that is a directory; | Igor Sobrado |
2015-08-19 | ca_hier() und ca_newpass() abort on failure, return void instead of int. | Reyk Floeter |
2015-08-19 | spacing | Reyk Floeter |
2015-08-19 | fcopy_env() should return void as it aborts on failure. | Reyk Floeter |
2015-08-19 | Use C99 integer types in ikectl(8). | Reyk Floeter |
2015-08-19 | Support for overwriting $ENV:: variables in OpenSSL .cnf files from | Reyk Floeter |
2015-08-15 | correct mode_t 644 to 0644 | Sebastien Marie |
2015-08-15 | corrects three err() to errx() calls | Sebastien Marie |
2015-07-27 | use file system path (.Pa) semantic markup macros where appropriate. | Igor Sobrado |
2015-06-11 | Use "compliant" header guards by avoiding the reserved '_' namespace. | Reyk Floeter |
2015-02-28 | Reduce usage of predefined strings in manpages. | Anthony J. Bentley |
2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
2014-11-22 | /dev/random has created the same effect as /dev/arandom (and /dev/urandom) | Theo de Raadt |
2014-08-26 | Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not | Joel Sing |
2014-08-25 | Delete secret or secret-derived data with explicit_bzero. | Doug Hogan |
2014-07-20 | Make sure the correct errno is reported by warn* or err* and not | Philip Guenther |
2014-04-18 | round up some enemy sympathizers found calling RAND_seed(). | Ted Unangst |
2014-01-18 | Remove -Wbounded: it is now the compiler default. | Martynas Venckus |
2013-11-14 | cope with the EAGAIN API change for msgbuf_write() | Theo de Raadt |
2013-08-16 | Use %lld and cast to (long long) when printing time_t values | Philip Guenther |
2013-07-16 | use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ | Ingo Schwarze |
2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
2012-12-08 | don't forget to include a path separator after an SSLDIR; | Mike Belopuhov |
2012-11-01 | Remove dead code that was a leftover from the initial code which was | Reyk Floeter |