summaryrefslogtreecommitdiff
path: root/krl.c
AgeCommit message (Collapse)Author
2014-05-15 - djm@cvs.openbsd.org 2014/04/28 03:09:18Damien Miller
[authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] [ssh-keygen.c] buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents
2014-02-04 - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
2013-07-25 - djm@cvs.openbsd.org 2013/07/20 22:20:42Damien Miller
[krl.c] fix verification error in (as-yet usused) KRL signature checking path
2013-07-18 - markus@cvs.openbsd.org 2013/06/20 19:15:06Damien Miller
[krl.c] don't leak the rdata blob on errors; ok djm@
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:14:00Damien Miller
[auth2-gss.c krl.c sshconnect2.c] hush some {unused, printf type} warnings
2013-04-05 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47Darren Tucker
[krl.c] Remove bogus include. ok djm (id sync only)
2013-02-19 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneededTim Rice
err.h include from krl.c. Additional portability fixes for modpipe. OK djm
2013-02-12 - djm@cvs.openbsd.org 2013/01/27 10:06:12Damien Miller
[krl.c] actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
2013-02-12 - djm@cvs.openbsd.org 2013/01/25 10:22:19Damien Miller
[krl.c] redo last commit without the vi-vomit that snuck in: skip serial lookup when cert's serial number is zero (now with 100% better comment)
2013-02-12 - krw@cvs.openbsd.org 2013/01/25 05:00:27Damien Miller
[krl.c] Revert last. Breaks due to likely typo. Let djm@ fix later. ok djm@ via dlg@
2013-02-12 - djm@cvs.openbsd.org 2013/01/24 22:08:56Damien Miller
[krl.c] skip serial lookup when cert's serial number is zero
2013-02-12 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2013/01/24 21:45:37 [krl.c] fix handling of (unused) KRL signatures; skip string in correct buffer
2013-01-20 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newerDamien Miller
version.
2013-01-20 - markus@cvs.openbsd.org 2013/01/19 12:34:55Damien Miller
[krl.c] RB_INSERT does not remove existing elments; ok djm@
2013-01-18 - djm@cvs.openbsd.org 2013/01/18 03:00:32Damien Miller
[krl.c] fix KRL generation bug for list sections
2013-01-18 - djm@cvs.openbsd.org 2013/01/17 23:00:01Damien Miller
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] [krl.c krl.h PROTOCOL.krl] add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@