aboutsummaryrefslogtreecommitdiff
path: root/rcynic/rcynic.c
AgeCommit message (Expand)Author
2013-03-11Check CRL issuer nae against issuing CA's subject name. Closes #459.Rob Austein
2013-01-29Check for empty RFC 3779 extensions. See #406.Rob Austein
2012-11-28Check signedObject URI when present. Closes #173.Rob Austein
2012-09-29Simplify loop.Rob Austein
2012-09-29Clean up AVL_PARANOIA code.Rob Austein
2012-09-19Move ASN.1 definitions for ROAs and Manifests to common header filesRob Austein
2012-09-14Disable AVL_PARANOIA code.Rob Austein
2012-09-14Add AVL index of validation_status database.Rob Austein
2012-07-30Add -x option to control "XML summary" file name from command line.Rob Austein
2012-06-26Certificate UID fields forbidden by RPKI profile.Rob Austein
2012-06-24RFC 6485 contradicts RFCs 2630 and 3370, which make rsaEncryption theRob Austein
2012-06-23Check OID in CMS SignerInfo contentType attribute (conformance).Rob Austein
2012-06-22More CMS conformance checks, and fix a couple I got wrong yesterday.Rob Austein
2012-06-22Check CMS SignerInfo algorithm OIDs (conformance).Rob Austein
2012-06-22Check CMS for presence of CRLs (conformance).Rob Austein
2012-06-21Check for duplicate names in manifest (conformance).Rob Austein
2012-06-21Tighter checking of integer values in input data (conformance).Rob Austein
2012-06-15Handle all "partial transfer" (rsync code 23) errors the same way.Rob Austein
2012-06-13Missing directory at repository site is not a transfer failure.Rob Austein
2012-03-21Shut up about skipped rsync connections when rsync is disabled.Rob Austein
2012-03-09Move AKI checks to precede signature check, as AKI checks are cheaper.Rob Austein
2012-03-09Fix fencepost error in walk_ctx_loop_next(). This closes #219.Rob Austein
2012-03-02Add keep-lockfile, to simplify process queuing.Rob Austein
2012-03-01Record failure when we can't even parse a trust anchor, much lessRob Austein
2012-02-26Allow configuration of authenticated and unauthenticated directoriesRob Austein
2012-02-15Factor XML generation code out of main(), and don't overwrite old XMLRob Austein
2012-02-14Downgrade "AIA doesn't match issuer" to a warning. Closes #188.Rob Austein
2012-02-14Apparently an old version of the res-certs specification allowedRob Austein
2012-02-03"Multiple rsync URIs in extension" should be warning, not error.Rob Austein
2012-02-02Tweak AIA/SIA/CRLDP checking again: don't accidently reject just forRob Austein
2012-02-01AKI checks still weren't quite right.Rob Austein
2012-01-31Refactor CMS checks, which have gotten complex enough to be worthRob Austein
2012-01-31AKI extension is optional for self-signed RPKI certificates.Rob Austein
2012-01-26Back out over-zealous change introduced as part of [4267] --Rob Austein
2012-01-26Conformance: Check SKI value.Rob Austein
2012-01-26Conformance: Check CMS SID against EE SKI in ROAs.Rob Austein
2012-01-26Conformance tests: tighter checking of AIA and SIA extension values.Rob Austein
2012-01-25Conformance testing: negative serial numbers, wrong date encoding.Rob Austein
2012-01-25Conformance testing: Better checking of RSA keys.Rob Austein
2012-01-25Move a few tests out of the not-TA conditional.Rob Austein
2012-01-25Conformance: Rework checking of X509v3 extensions, add KeyUsageRob Austein
2012-01-24Fix manifest digest length check. Move parse_cert() call etc intoRob Austein
2012-01-24Conformance tests: duplicate extensions.Rob Austein
2012-01-24Conformance tests: digest lengths.Rob Austein
2012-01-23Conformance tests: pedantic checks of key and signature algorithms.Rob Austein
2012-01-23Conformance tests: pedantic checks of CRL timestamps.Rob Austein
2012-01-23Conformance tests: pedantic checks on CRL issuer name, add optionRob Austein
2011-11-10Handle traversal of empty backup directory with no manifest correctly,Rob Austein
2011-11-10Andrew's torture tests detected a mis-ordering problem inRob Austein
2011-10-27Back out [4066], as it didn't fix the problem and now appearsRob Austein
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-01 16:31:45 +0000