| Age | Commit message (Collapse) | Author |
|---|
|
support atomic rename without a protocol extension which paramiko
doesn't support (yet?). Yeargh.
svn path=/trunk/; revision=4379
|
|
svn path=/trunk/; revision=4378
|
|
serial numbers, to avoid resetting these values when rootd reboots.
rootd is such a kludge. This fixes #214.
svn path=/trunk/; revision=4377
|
|
svn path=/trunk/; revision=4376
|
|
svn path=/trunk/; revision=4375
|
|
svn path=/trunk/; revision=4374
|
|
svn path=/trunk/; revision=4373
|
|
as the BitTorrent engine.
This is a work in progress, and doesn't yet include the hacks either
to generate torrents or to follow multiple torrents in parallel.
svn path=/trunk/; revision=4372
|
|
from command line, to simplify use with alternate fetch mechanisms.
svn path=/trunk/; revision=4371
|
|
svn path=/trunk/; revision=4370
|
|
svn path=/trunk/; revision=4356
|
|
svn path=/trunk/; revision=4355
|
|
left-right destroy action. Clean up empty publication directories on
withdrawal. Fix rootd's handling of CRLs and manifests. See #197.
svn path=/trunk/; revision=4354
|
|
just deletes the <self/> object. See #197.
svn path=/trunk/; revision=4352
|
|
svn path=/trunk/; revision=4347
|
|
svn path=/trunk/; revision=4346
|
|
svn path=/trunk/; revision=4345
|
|
file when we can't run to completion, eg, when some other process is
sitting on our lock file. This closes #184.
svn path=/trunk/; revision=4335
|
|
svn path=/trunk/; revision=4334
|
|
1024-bit RSA keys for EE certificates, or so some of the implementors
believe, so downgrade that error to a warning for now. This is
configurable using the "allow-1024-bit-ee-key" option and defaults to
allowing such keys with a warning for now, but that default is subject
to change.
svn path=/trunk/; revision=4331
|
|
closes #185
svn path=/trunk/; revision=4320
|
|
svn path=/trunk/; revision=4293
|
|
svn path=/trunk/; revision=4292
|
|
the soon-to-be RFC. Closes #37.
svn path=/trunk/; revision=4288
|
|
Up-down specification explictly allows certificates and CRLs we
consider extraneous to be included in CMS messages. I think that any
verification model which relies on these is flawed, so I don't use
them, in fact, nobody does, but I was unable to convince my co-authors
to change the specification. Sigh. So the up-down code has to allow
these. In theory, OpenSSL's verification code should have no problem
picking the useful bits out of the garbage, since that's a normal part
of OpenSSL's job when acting as a TLS client, so we just pass the mess
along to OpenSSL and let OpenSSL sort it out.
This closes #9.
svn path=/trunk/; revision=4287
|
|
svn path=/trunk/; revision=4286
|
|
svn path=/trunk/; revision=4284
|
|
objects when the current objects at the same URL are OK. Enabled
(whining suppressed) by default, use the switch if you prefer the old
behavior. See #177.
svn path=/trunk/; revision=4281
|
|
having an alternate URI, do check the whole extension rather than
stopping on first success.
svn path=/trunk/; revision=4280
|
|
svn path=/trunk/; revision=4277
|
|
attempting to share between different kinds of signed objects. This
closes #82.
svn path=/trunk/; revision=4276
|
|
svn path=/trunk/; revision=4275
|
|
month's worth of data, but at least it now runs again.
svn path=/trunk/; revision=4273
|
|
apparently ASID extensions are legal in EE certificates for ROAs,
although given the other constraints I can't think of a sane reason
why this is allowed when so much else is nailed down.
svn path=/trunk/; revision=4269
|
|
svn path=/trunk/; revision=4268
|
|
Use ASN1_INTEGER_cmp() instead of ASN1_INTEGER_get(), the latter's
behavior is too quirky.
Add config variable allowing compatability with manifest EE certs that
have no SIA extension, which is a technical violation of the spec,
albeit a harmless one as far as I can tell; at present, the default
for this variable allows these manifests, at some point the default
will flip to disallow, as a first step towards phasing this out.
svn path=/trunk/; revision=4267
|
|
as required by the current manifest specification.
svn path=/trunk/; revision=4266
|
|
svn path=/trunk/; revision=4265
|
|
svn path=/trunk/; revision=4264
|
|
svn path=/trunk/; revision=4263
|
|
svn path=/trunk/; revision=4262
|
|
checks, RFC 3779 canonical form checks, other nits. Closes #172.
svn path=/trunk/; revision=4261
|
|
check_ta() as first step towards fixing extension checks (closes #107,
see #172).
svn path=/trunk/; revision=4260
|
|
svn path=/trunk/; revision=4259
|
|
svn path=/trunk/; revision=4258
|
|
svn path=/trunk/; revision=4257
|
|
svn path=/trunk/; revision=4256
|
|
(defaults off) to make nonconformant issuer and subject names fatal.
svn path=/trunk/; revision=4255
|
|
svn path=/trunk/; revision=4143
|
|
svn path=/trunk/; revision=4141
|
