git.ipfire.org Git - thirdparty/strongswan.git/commit

]> git.ipfire.org Git - thirdparty/strongswan.git/commit

projects / thirdparty / strongswan.git / commit

author	Ruslan N. Marchenko <me@ruff.mobi>
	Fri, 30 Aug 2013 15:51:12 +0000 (17:51 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 11 Oct 2013 13:45:42 +0000 (15:45 +0200)
commit	b638c131de07dc78de0877de41ad02ce32e6624c
tree	d3195b88cdcc7fa4b77b717586ea6e48f32b9397	tree
parent	8ac54970f5f97204c7470b74a7843c00141bb76a	commit \| diff

dnscert: Add DNS CERT support for pubkey authentication

Add DNSSEC protected CERT RR delivered certificate authentication.
The new dnscert plugin is based on the ipseckey plugin and relies on the
existing PEM decoder as well as x509 and PGP parsers. As such the plugin
expects PEM encoded PKIX(x509) or PGP(GPG) certificate payloads.

The plugin is targeted to improve interoperability with Racoon, which
supports this type of authentication, ignoring in-stream certificates
and using only DNS provided certificates for FQDN IDs.

configure.ac		diff \| blob \| blame \| history
src/libcharon/Makefile.am		diff \| blob \| blame \| history
src/libcharon/plugins/dnscert/Makefile.am	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert.c	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert.h	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert_cred.c	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert_cred.h	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert_plugin.c	[new file with mode: 0644]	blob
src/libcharon/plugins/dnscert/dnscert_plugin.h	[new file with mode: 0644]	blob

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom