aboutsummaryrefslogtreecommitdiff
path: root/rcynic/rcynic.c
AgeCommit message (Expand)Author
2013-07-30Log a warning if we accept an EE certificate whenRob Austein
2013-07-18GCC warning.Rob Austein
2013-06-27Report what we're doing before blocking select().Rob Austein
2013-06-27Flip default for allow-object-not-in-manifest to false.Rob Austein
2013-06-27Don't whine about stale CRLs and manifests that are only stale becauseRob Austein
2013-06-14Pruning now keys off the validation_status database rather than theRob Austein
2013-06-14Experimental feature: skip rsync_tree() if we have a valid manifestRob Austein
2013-06-07NitRob Austein
2013-06-07Forgot a globfree().Rob Austein
2013-06-06Consolidate to a single event loop, queue up all TALs at start. ThisRob Austein
2013-06-06Type signatures of rsync_*() and task_*() frameworkss should not be soRob Austein
2013-06-06Reorganize TA handling code, add trust-anchor-directory directive.Rob Austein
2013-03-25The URI in a TAL MUST be a certificate matching the RPKI profile,Rob Austein
2013-03-21Examine both thisUpdate timestamp and number when comparing CRLs orRob Austein
2013-03-11Check CRL issuer nae against issuing CA's subject name. Closes #459.Rob Austein
2013-01-29Check for empty RFC 3779 extensions. See #406.Rob Austein
2012-11-28Check signedObject URI when present. Closes #173.Rob Austein
2012-09-29Simplify loop.Rob Austein
2012-09-29Clean up AVL_PARANOIA code.Rob Austein
2012-09-19Move ASN.1 definitions for ROAs and Manifests to common header filesRob Austein
2012-09-14Disable AVL_PARANOIA code.Rob Austein
2012-09-14Add AVL index of validation_status database.Rob Austein
2012-07-30Add -x option to control "XML summary" file name from command line.Rob Austein
2012-06-26Certificate UID fields forbidden by RPKI profile.Rob Austein
2012-06-24RFC 6485 contradicts RFCs 2630 and 3370, which make rsaEncryption theRob Austein
2012-06-23Check OID in CMS SignerInfo contentType attribute (conformance).Rob Austein
2012-06-22More CMS conformance checks, and fix a couple I got wrong yesterday.Rob Austein
2012-06-22Check CMS SignerInfo algorithm OIDs (conformance).Rob Austein
2012-06-22Check CMS for presence of CRLs (conformance).Rob Austein
2012-06-21Check for duplicate names in manifest (conformance).Rob Austein
2012-06-21Tighter checking of integer values in input data (conformance).Rob Austein
2012-06-15Handle all "partial transfer" (rsync code 23) errors the same way.Rob Austein
2012-06-13Missing directory at repository site is not a transfer failure.Rob Austein
2012-03-21Shut up about skipped rsync connections when rsync is disabled.Rob Austein
2012-03-09Move AKI checks to precede signature check, as AKI checks are cheaper.Rob Austein
2012-03-09Fix fencepost error in walk_ctx_loop_next(). This closes #219.Rob Austein
2012-03-02Add keep-lockfile, to simplify process queuing.Rob Austein
2012-03-01Record failure when we can't even parse a trust anchor, much lessRob Austein
2012-02-26Allow configuration of authenticated and unauthenticated directoriesRob Austein
2012-02-15Factor XML generation code out of main(), and don't overwrite old XMLRob Austein
2012-02-14Downgrade "AIA doesn't match issuer" to a warning. Closes #188.Rob Austein
2012-02-14Apparently an old version of the res-certs specification allowedRob Austein
2012-02-03"Multiple rsync URIs in extension" should be warning, not error.Rob Austein
2012-02-02Tweak AIA/SIA/CRLDP checking again: don't accidently reject just forRob Austein
2012-02-01AKI checks still weren't quite right.Rob Austein
2012-01-31Refactor CMS checks, which have gotten complex enough to be worthRob Austein
2012-01-31AKI extension is optional for self-signed RPKI certificates.Rob Austein
2012-01-26Back out over-zealous change introduced as part of [4267] --Rob Austein
2012-01-26Conformance: Check SKI value.Rob Austein
2012-01-26Conformance: Check CMS SID against EE SKI in ROAs.Rob Austein
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-31 11:59:39 +0000