summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client/validate.c
AgeCommit message (Expand)Author
2024-05-20Instead of tracking certificates by SKI track them by an internal identifier.Claudio Jeker
2024-03-19Rename parent to issuer in struct authTheo Buehler
2024-02-22Add support for RPKI Signed Prefix ListsJob Snijders
2024-02-01Normalize the nid printingTheo Buehler
2024-01-07rpki-client: print revocation time in filemodeTheo Buehler
2023-12-27Rework the warnings on internet resourcesTheo Buehler
2023-10-19Add experimental support for secp256r1 aka P-256 aka prime256v1Job Snijders
2023-09-25Introduce ip_addr_range_print() to avoid code repetitionJob Snijders
2023-06-29Retire log.cTheo Buehler
2023-06-07Cosmetic tweak for previousTheo Buehler
2023-06-07In anticipation of a bump of the ASPA eContent profile version, updateJob Snijders
2023-05-30Revert commitid ANSBO0rBvIUtTi45:Claudio Jeker
2023-05-23Convert ASN1_INTEGER_get() to ASN1_INTEGER_get_uint64()Theo Buehler
2023-05-11In valid_cert() also skip the check for CERT_IP_INHERIT objects likeClaudio Jeker
2023-05-09rpki-client: use partial chains in certificate validationTheo Buehler
2023-04-27Make rpki-client choose the verification time of the time it is invokedBob Beck
2023-04-26Add a -P option to rpki-client to specify the evaluation timeBob Beck
2023-04-14A tab snuck inTheo Buehler
2023-04-13Check whether products listed on a manifest were issued by the same authority...Job Snijders
2023-03-06Add check for RSA key pair modulus & public exponentJob Snijders
2023-01-18Require version 4 UUIDs as RRDP session IDsJob Snijders
2023-01-18rpki-client: explicitly enable policy checksTheo Buehler
2023-01-04Validate the session_id to be a real UUID.Claudio Jeker
2022-11-30Remove unused sys/socket.h includeJob Snijders
2022-11-29Only include stdarg.h, if we call any of va_{start,end}()Job Snijders
2022-11-29Update valid_x509 comment to reality. crl is no longer optional.Claudio Jeker
2022-11-29Return an error string instead of surpressing the warning in valid_x509.Claudio Jeker
2022-11-26Add support for authenticating geofeed data CSV files in filemodeJob Snijders
2022-11-02Length check URI before strncasecmp()Theo Buehler
2022-09-03Don't doublecheck whether the RSC eContent Resourceblock contains inherit ele...Job Snijders
2022-09-03Introduce x509_any_inherit() for objects which may not have inherit elementsJob Snijders
2022-09-03Move non-inheritance check for BGPsec certs into cert_parse_pre()Theo Buehler
2022-08-30Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)Job Snijders
2022-08-19Check the resources in ROAs and RSCs against EE certsTheo Buehler
2022-06-10Dedup econtent version checksTheo Buehler
2022-06-07Fix path validation of AS numbersTheo Buehler
2022-05-15More KNF and whitespace fixes.Theo Buehler
2022-05-15Remove misplaced continueTheo Buehler
2022-05-15whitespace spotted during read-thruTheo de Raadt
2022-05-12Remove verify callbackTheo Buehler
2022-05-12nuke tabsTheo Buehler
2022-05-11In filemode check whether ROA & RSC resources are properly containedJob Snijders
2022-05-10Validate RSC filenamesTheo Buehler
2022-04-21The filemode code is enough different from the regular parser code that itClaudio Jeker
2022-04-19Adjust on how CRL and MFT files are verified.Claudio Jeker
2022-02-04Fix outdated commentJob Snijders
2022-01-23zap extra blank lineTheo Buehler
2022-01-23Simplify valid_cert() and valid_roa() by passing in struct auth insteadClaudio Jeker
2022-01-22Change valid_filename() ot return an enum rtype and rename it toTheo Buehler
2022-01-21Add function to determine the file type from the file name extensionTheo Buehler