| Commit message (Expand) | Author | Age | Files | Lines |
* | convert system() calls to an execv() like interface. | tedu | 2019-05-08 | 1 | -123/+153 |
* | ikectl's built-in CA command for simple configurations has a fixed certificate | sthen | 2019-02-26 | 1 | -2/+2 |
* | Since r1.41 the extensions are included in the CSR. Thus ca_request() | patrick | 2017-11-08 | 1 | -4/+10 |
* | Invoke openssl with -passin file rather than -key in ca_revoke(). | jsg | 2017-06-08 | 1 | -41/+5 |
* | ca_revoke() gets called two ways. Directly from ca_opt() with keyname | jsg | 2017-05-31 | 1 | -2/+4 |
* | Set REQ_EXT in req section so ikectl ca certificate revoke will work again. | jsg | 2017-05-24 | 1 | -1/+2 |
* | A few more freezero() uses | deraadt | 2017-05-21 | 1 | -4/+2 |
* | set REQ_EXT to x509v3_CA, fixing "ikectl ca XX create" inadvertently broken | sthen | 2017-03-29 | 1 | -1/+2 |
* | Teach ikectl to include extensions in the CSR, rather than just adding them | sthen | 2017-01-31 | 1 | -15/+25 |
* | switch from using sha1 to sha256 | jsg | 2015-11-02 | 1 | -1/+2 |
* | sign csrs with openssl ca instead of x509 -req | jsg | 2015-11-02 | 1 | -24/+59 |
* | Accept an ocsp option when creating certificates to set the extended | jsg | 2015-11-02 | 1 | -1/+6 |
* | ca_hier() und ca_newpass() abort on failure, return void instead of int. | reyk | 2015-08-19 | 1 | -10/+5 |
* | spacing | reyk | 2015-08-19 | 1 | -2/+2 |
* | fcopy_env() should return void as it aborts on failure. | reyk | 2015-08-19 | 1 | -5/+3 |
* | Use C99 integer types in ikectl(8). | reyk | 2015-08-19 | 1 | -5/+5 |
* | Support for overwriting $ENV:: variables in OpenSSL .cnf files from | reyk | 2015-08-19 | 1 | -44/+167 |
* | correct mode_t 644 to 0644 | semarie | 2015-08-15 | 1 | -2/+2 |
* | corrects three err() to errx() calls | semarie | 2015-08-15 | 1 | -4/+4 |
* | Replace <sys/param.h> with <limits.h> and other less dirty headers where | deraadt | 2015-01-16 | 1 | -3/+3 |
* | Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not | jsing | 2014-08-26 | 1 | -2/+2 |
* | Delete secret or secret-derived data with explicit_bzero. | doug | 2014-08-25 | 1 | -2/+2 |
* | Make sure the correct errno is reported by warn* or err* and not | guenther | 2014-07-20 | 1 | -2/+3 |
* | round up some enemy sympathizers found calling RAND_seed(). | tedu | 2014-04-18 | 1 | -5/+1 |
* | Remove private CVS tag from an obsolete repository and bump copyright | reyk | 2013-01-08 | 1 | -2/+1 |
* | don't forget to include a path separator after an SSLDIR; | mikeb | 2012-12-08 | 1 | -3/+2 |
* | Allow to overwrite a few more definitions like file paths from the | reyk | 2012-10-23 | 1 | -8/+22 |
* | update email addresses to match reality. | reyk | 2012-09-18 | 1 | -2/+2 |
* | if you use nitems() in userland, you must define it yourself | deraadt | 2012-07-08 | 1 | -1/+2 |
* | spacing | reyk | 2011-05-27 | 1 | -8/+8 |
* | set the client/server certificate options with all the common keyusage | reyk | 2010-10-08 | 1 | -3/+5 |
* | check if a directory exists before trying to create it in the export | jsg | 2010-10-08 | 1 | -2/+3 |
* | if non absolute paths are specified in install commands assume they | jsg | 2010-10-08 | 1 | -8/+9 |
* | allow optional paths for the install commands so we can | jsg | 2010-10-08 | 1 | -32/+76 |
* | Allow to show certificate details (show ca x cert [y]). | reyk | 2010-10-08 | 1 | -3/+15 |
* | only try to setup a passfile when creating a CA | jsg | 2010-10-07 | 1 | -2/+2 |
* | Allow to specify the export password on the command line (optionally, for | reyk | 2010-10-07 | 1 | -10/+14 |
* | - add a -q (quiet) command line option that will be used by ikeca to | reyk | 2010-10-07 | 1 | -46/+60 |
* | set saner permissions on the directory we export, so we don't change | phessler | 2010-10-07 | 1 | -1/+3 |
* | When we create a new CA, also create an empty (but valid) CRL list. | phessler | 2010-10-07 | 1 | -15/+22 |
* | fix the permissions on directories inside the exported tarball | jsg | 2010-06-23 | 1 | -5/+14 |
* | More appropriate contents for the exported ca tarball. | jsg | 2010-06-23 | 1 | -16/+13 |
* | Add a ca export command for EAP mode where we only require the CA cert, | jsg | 2010-06-23 | 1 | -29/+68 |
* | use the full path to zip | jsg | 2010-06-21 | 1 | -2/+2 |
* | Add commands to create/delete/install/import keys without | jsg | 2010-06-14 | 1 | -7/+58 |
* | Add a command to revoke a certificate and generate a CRL; | jsg | 2010-06-10 | 1 | -4/+109 |
* | switch iked pki files to /etc/iked, discussed with reyk. | jsg | 2010-06-07 | 1 | -2/+2 |
* | Install the cert as well as the keys and make certs world | jsg | 2010-06-04 | 1 | -12/+16 |
* | Import iked, a new implementation of the IKEv2 protocol. | reyk | 2010-06-03 | 1 | -0/+548 |