summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client
AgeCommit message (Expand)Author
2024-06-11I've written/touched/contributed to most of crl.cTheo Buehler
2024-06-11rpki-client: simplify signature type checking for certs/CRLsTheo Buehler
2024-06-10rpki-client: allow multiple EKU OIDs for BGPsec certsTheo Buehler
2024-06-10rpki-client: zap outdated comment.Theo Buehler
2024-06-10rpki-client: fix and move more KU/EKU to x509_get_purpose()Theo Buehler
2024-06-08Improve the check for is_ta in filemodeTheo Buehler
2024-06-08Tigthen cert_parse_ee_cert() and ta_parse()Theo Buehler
2024-06-08Add a TODO item for BGPsec router certsTheo Buehler
2024-06-08Improve x509_get_purpose()Theo Buehler
2024-06-08Helper to convert purpose into a printable stringTheo Buehler
2024-06-08Extend the cert_purpose enumTheo Buehler
2024-06-08Add a x509_cache_extensions() helperTheo Buehler
2024-06-07rpki-client: if anything changed, choose the freshly-fetched TATheo Buehler
2024-06-07Fine-tune the TA tiebreaker logicJob Snijders
2024-06-07Add two related todo items for purpose handlingTheo Buehler
2024-06-07Rework trust anchor handlingTheo Buehler
2024-06-07Download new TA files into a temporary place (.ta/) so that the parserClaudio Jeker
2024-06-06Tell my future self why I don't want to change this checkTheo Buehler
2024-06-06Check that TA certs are correctly signedTheo Buehler
2024-06-06rpki-client: fix RFC section references in ta_parse()Theo Buehler
2024-06-06rpki-client: fix a crash in filemodeTheo Buehler
2024-06-06ip_resources_print(): zap extra blank lineTheo Buehler
2024-06-06rpki-client: simplify ta_parse()Theo Buehler
2024-06-05Only complain about empty list of revoked certs if verbosity > 1Theo Buehler
2024-06-04rpki-client: rework AIA, SIA, and CRL handlingTheo Buehler
2024-06-04rpki-client: reject certs with unexpected SIA accessMethodsTheo Buehler
2024-06-04rpki-client: only allow a single rpkiNotify SIA accessMethodTheo Buehler
2024-06-04rpki-client: remove proto argument from x509_location()Theo Buehler
2024-06-03Rework SIA handling to be less incorrectTheo Buehler
2024-05-31Document a weird decision in RFC 8209Theo Buehler
2024-05-31rpki-client: check issuer for certs and CRLsTheo Buehler
2024-05-30Properly setup the fts_state in the FTS_D case.Claudio Jeker
2024-05-30Increase logging verbosity as to what exactly hit a limitJob Snijders
2024-05-29Clean up the list of standards a littleTheo Buehler
2024-05-29rpki-client: rework CRL handlingTheo Buehler
2024-05-24Update references to new and not quite so new RFCsTheo Buehler
2024-05-20Instead of tracking certificates by SKI track them by an internal identifier.Claudio Jeker
2024-05-15Add missing spaceClaudio Jeker
2024-05-15rpki-client: plug leak of the crl pathTheo Buehler
2024-05-15rpki-client: don't leak sia from struct tak.Theo Buehler
2024-04-23Add missing commaTheo Buehler
2024-04-23sync with ftp/fetch.c r1.218: send host header for proxiesTheo Buehler
2024-04-21P-256 support is experimental so require -x to enable it.Claudio Jeker
2024-04-21Mandate presence of CMS signing-time and disallow binary-signing-timeJob Snijders
2024-04-20Display distinct errors for various problematic CRL/MFT situationshipsJob Snijders
2024-04-17Simplify super ugly exit pathTheo Buehler
2024-04-17Remove outdated (now inaccurate) warning messageJob Snijders
2024-04-17Set Accept: */* HTTP header like it was done in ftp(1).Claudio Jeker
2024-04-15Use the manifest location as additional differentiator when comparing CRLsJob Snijders
2024-04-12Fix warning about delta element issues in the Update Notification File XMLJob Snijders
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 01:57:59 +0000