aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-01-31Refactor CMS checks, which have gotten complex enough to be worthRob Austein
attempting to share between different kinds of signed objects. This closes #82. svn path=/trunk/; revision=4276
2012-01-31AKI extension is optional for self-signed RPKI certificates.Rob Austein
svn path=/trunk/; revision=4275
2012-01-31Rewrite to avoid running out of memory. Painfully slow with threeRob Austein
month's worth of data, but at least it now runs again. svn path=/trunk/; revision=4273
2012-01-30merge with tk100Michael Elkins
svn path=/branches/tk161/; revision=4272
2012-01-30remove dead code that is deprecated by the changes in tk100.Michael Elkins
reformat code according to pep8 move copyright notices into comments out of docstrings svn path=/branches/tk161/; revision=4271
2012-01-26Back out over-zealous change introduced as part of [4267] --Rob Austein
apparently ASID extensions are legal in EE certificates for ROAs, although given the other constraints I can't think of a sane reason why this is allowed when so much else is nailed down. svn path=/trunk/; revision=4269
2012-01-26Conformance: Check SKI value.Rob Austein
svn path=/trunk/; revision=4268
2012-01-26Conformance: Check CMS SID against EE SKI in ROAs.Rob Austein
Use ASN1_INTEGER_cmp() instead of ASN1_INTEGER_get(), the latter's behavior is too quirky. Add config variable allowing compatability with manifest EE certs that have no SIA extension, which is a technical violation of the spec, albeit a harmless one as far as I can tell; at present, the default for this variable allows these manifests, at some point the default will flip to disallow, as a first step towards phasing this out. svn path=/trunk/; revision=4267
2012-01-26Manifest EE certificates were not including the SIA signedObject URI,Rob Austein
as required by the current manifest specification. svn path=/trunk/; revision=4266
2012-01-26Conformance tests: tighter checking of AIA and SIA extension values.Rob Austein
svn path=/trunk/; revision=4265
2012-01-25Conformance testing: negative serial numbers, wrong date encoding.Rob Austein
svn path=/trunk/; revision=4264
2012-01-25Conformance testing: Better checking of RSA keys.Rob Austein
svn path=/trunk/; revision=4263
2012-01-25Move a few tests out of the not-TA conditional.Rob Austein
svn path=/trunk/; revision=4262
2012-01-25Conformance: Rework checking of X509v3 extensions, add KeyUsageRob Austein
checks, RFC 3779 canonical form checks, other nits. Closes #172. svn path=/trunk/; revision=4261
2012-01-24Fix manifest digest length check. Move parse_cert() call etc intoRob Austein
check_ta() as first step towards fixing extension checks (closes #107, see #172). svn path=/trunk/; revision=4260
2012-01-24Conformance tests: duplicate extensions.Rob Austein
svn path=/trunk/; revision=4259
2012-01-24Conformance tests: digest lengths.Rob Austein
svn path=/trunk/; revision=4258
2012-01-23Conformance tests: pedantic checks of key and signature algorithms.Rob Austein
svn path=/trunk/; revision=4257
2012-01-23Conformance tests: pedantic checks of CRL timestamps.Rob Austein
svn path=/trunk/; revision=4256
2012-01-23Conformance tests: pedantic checks on CRL issuer name, add optionRob Austein
(defaults off) to make nonconformant issuer and subject names fatal. svn path=/trunk/; revision=4255
2012-01-21require double confirmation for roa creationMichael Elkins
display list of matching routes with validation status for second confirmation svn path=/branches/tk161/; revision=4254
2012-01-21add form for creating ROA requestsMichael Elkins
svn path=/branches/tk161/; revision=4253
2012-01-20create custom template tag for fetching the verbose_name or ↵Michael Elkins
verbose_name_plural in generic object list/detail views select page title based on verbose_name instead of passing in page_title rename templates to the default name selected by object_detail() and object_list() generic views use generic delete_object() view for parents and ghostbusters svn path=/branches/tk161/; revision=4252
2012-01-20add deletion confirmation to general object detail templateMichael Elkins
fix repository deletion svn path=/branches/tk161/; revision=4251
2012-01-20add generic template for viewing a list of objects as a tableMichael Elkins
format roa request deletion confirmation page into two columns, with an alert box around the action remove trailing slash from roa_detail url svn path=/branches/tk161/; revision=4250
2012-01-20add styled warning message when there are no items in a generic list viewMichael Elkins
svn path=/branches/tk161/; revision=4249
2012-01-20wrap long linesMichael Elkins
svn path=/branches/tk161/; revision=4248
2012-01-20fix issues reported by pyflakes and pep8 toolsMichael Elkins
svn path=/branches/tk161/; revision=4247
2012-01-20fix roa request list template to reflect the irdb RoaRequestPrefix modelMichael Elkins
add stub view function for roa creation as a placeholder so that the {% url %} for the Create button doesn't throw an exception. svn path=/branches/tk161/; revision=4246
2012-01-20store the uri field from <list_received_resources/> pdu in order to allow ↵Michael Elkins
for checking the cert chain for expiration using cacheview svn path=/branches/tk161/; revision=4245
2012-01-20branch merge with tk100Michael Elkins
svn path=/branches/tk161/; revision=4244
2012-01-20add v6 to route viewMichael Elkins
svn path=/branches/tk161/; revision=4243
2012-01-20fix route view to work with new gui model for resource certsMichael Elkins
svn path=/branches/tk161/; revision=4241
2012-01-20merge with ^/branches/tk100Michael Elkins
svn path=/branches/tk161/; revision=4239
2012-01-20add generic object_detail base template for boilerplate detail views with an ↵Michael Elkins
import/create button add detail views for repository and pubclients rename import_* to *_import to match names for other methods on the same model svn path=/branches/tk161/; revision=4238
2012-01-19initial support for managing repositories and pubclientsMichael Elkins
svn path=/branches/tk161/; revision=4237
2012-01-19fixed ghostbuster suppport. app.models.GhostbusterRequest now does ↵Michael Elkins
multi-table inheritance from irdb.models.GhostbusterRequest. forms.GhostbusterRequest can be a plain class instead of a callable by setting the .queryset attribute on the field during __init__ svn path=/branches/tk161/; revision=4236
2012-01-19fixed views to lookup parent/child by pk rather than handleMichael Elkins
svn path=/branches/tk161/; revision=4234
2012-01-19fix parent detail view to work with new modelsMichael Elkins
svn path=/branches/tk161/; revision=4233
2012-01-19change rpkigui/ to app/ in template path for bootstrap_form.htmlMichael Elkins
svn path=/branches/tk161/; revision=4232
2012-01-19merge with ^/branches/tk100Michael Elkins
svn path=/branches/tk161/; revision=4231
2012-01-19add as_resource_range method to rpki.gui.models.ASNMichael Elkins
svn path=/branches/tk161/; revision=4230
2012-01-19dashboard template filename does not need to be configurableMichael Elkins
svn path=/branches/tk161/; revision=4229
2012-01-19unused asn list is composed of resource_range_as, so calling ↵Michael Elkins
obj.as_resource_range results in an empty string because it has no such method prefix AS value with the string "AS" because resource_range_as doesn't included it (unlike ResourceRangeAS objects) svn path=/branches/tk161/; revision=4228
2012-01-19use create() instead of add() when constructing a new object rather than ↵Michael Elkins
adding an existing object fields for prefixes are prefix_min and prefix_max, not min and max svn path=/branches/tk161/; revision=4227
2012-01-19add new module range_list with implementation of a resource_set type object ↵Michael Elkins
that collapses adjacent ranges and can compute missing ranges svn path=/branches/tk161/; revision=4225
2012-01-18IP version in ChildNet is stored as a string; update filterMichael Elkins
svn path=/branches/tk161/; revision=4222
2012-01-18merge with ^/branches/tk100Michael Elkins
svn path=/branches/tk161/; revision=4221
2012-01-18fix dashboard view to filter asns properlyMichael Elkins
svn path=/branches/tk161/; revision=4218
2012-01-18remove deprecated URLs for rpkidemoMichael Elkins
svn path=/branches/tk161/; revision=4216
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-14 21:34:15 +0000