aboutsummaryrefslogtreecommitdiff
path: root/rcynic/rcynic.c
AgeCommit message (Expand)Author
2014-04-05Source tree reorg, phase 1. Almost everything moved, no file contents changed.Rob Austein
2014-03-06Clang found a few issues.Rob Austein
2014-02-27More router certificate checks.Rob Austein
2014-02-26Add EKU checks for BGPSEC router certificates, now that we have aRob Austein
2014-01-22Add --help and long option names to rcynic.Rob Austein
2014-01-09Update more copyrights, clean up module doc blocks.Rob Austein
2013-12-19Rewrite all uses of readdir() to avoid using on dirent d_type field.Rob Austein
2013-11-23Emit better(?) error message when we hit can't open a TAL file. Fixes #113.Rob Austein
2013-11-22Conformance: Make sure CMS contains exactly one certificate and thatRob Austein
2013-11-22Check certificate policy for qualifiers: allow id-qt-cps with aRob Austein
2013-11-22Add NIDs for OIDs OpenSSL doesn't know about, convert all use ofRob Austein
2013-11-07More precise checking of attributes in CMS SignerInfos. Fixes #644.Rob Austein
2013-11-07Check manifest validity dates against its EE certificate. Fixes #651.Rob Austein
2013-11-07Don't allow EKU in signed objects. Fixes #645.Rob Austein
2013-11-06Check ROA max prefix length against prefix length. Fixes #648.Rob Austein
2013-11-06Check certificates for non-null SAFI. While we're at it, check forRob Austein
2013-11-06Check for manifestNumber too big. Fixes #652.Rob Austein
2013-11-06Check for certificate serial number too big. Fixes #642.Rob Austein
2013-11-06RFC 5280 restriction to 20 octets is 20 octets in two's complement, soRob Austein
2013-07-30Log a warning if we accept an EE certificate whenRob Austein
2013-07-18GCC warning.Rob Austein
2013-06-27Report what we're doing before blocking select().Rob Austein
2013-06-27Flip default for allow-object-not-in-manifest to false.Rob Austein
2013-06-27Don't whine about stale CRLs and manifests that are only stale becauseRob Austein
2013-06-14Pruning now keys off the validation_status database rather than theRob Austein
2013-06-14Experimental feature: skip rsync_tree() if we have a valid manifestRob Austein
2013-06-07NitRob Austein
2013-06-07Forgot a globfree().Rob Austein
2013-06-06Consolidate to a single event loop, queue up all TALs at start. ThisRob Austein
2013-06-06Type signatures of rsync_*() and task_*() frameworkss should not be soRob Austein
2013-06-06Reorganize TA handling code, add trust-anchor-directory directive.Rob Austein
2013-03-25The URI in a TAL MUST be a certificate matching the RPKI profile,Rob Austein
2013-03-21Examine both thisUpdate timestamp and number when comparing CRLs orRob Austein
2013-03-11Check CRL issuer nae against issuing CA's subject name. Closes #459.Rob Austein
2013-01-29Check for empty RFC 3779 extensions. See #406.Rob Austein
2012-11-28Check signedObject URI when present. Closes #173.Rob Austein
2012-09-29Simplify loop.Rob Austein
2012-09-29Clean up AVL_PARANOIA code.Rob Austein
2012-09-19Move ASN.1 definitions for ROAs and Manifests to common header filesRob Austein
2012-09-14Disable AVL_PARANOIA code.Rob Austein
2012-09-14Add AVL index of validation_status database.Rob Austein
2012-07-30Add -x option to control "XML summary" file name from command line.Rob Austein
2012-06-26Certificate UID fields forbidden by RPKI profile.Rob Austein
2012-06-24RFC 6485 contradicts RFCs 2630 and 3370, which make rsaEncryption theRob Austein
2012-06-23Check OID in CMS SignerInfo contentType attribute (conformance).Rob Austein
2012-06-22More CMS conformance checks, and fix a couple I got wrong yesterday.Rob Austein
2012-06-22Check CMS SignerInfo algorithm OIDs (conformance).Rob Austein
2012-06-22Check CMS for presence of CRLs (conformance).Rob Austein
2012-06-21Check for duplicate names in manifest (conformance).Rob Austein
2012-06-21Tighter checking of integer values in input data (conformance).Rob Austein
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-06 07:30:25 +0000