Created by Henrik Ziegeldorf on 2011-05-31 and last modified on 2011-12-15
Get this branch:
bzr branch lp:~henrik-ziegeldorf/hipl/pisa
Only Henrik Ziegeldorf can upload to this branch. If you are Henrik Ziegeldorf please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Henrik Ziegeldorf

Recent revisions

6031. By Henrik Ziegeldorf on 2011-12-15

Add missing encoding format parameter in test cases.

6030. By Henrik Ziegeldorf on 2011-12-12

Read certificates in DER format, too.

6029. By Henrik Ziegeldorf on 2011-12-12

Fix by Christoph Viethen.

Show stopper:
 - variable "algo" didn't get set to anything any more (staying at pre-initialized value 0), causing the code not to generate signatures

Misc. changes:
 - initialize issuer_hit var with NUL bytes so it becomes possible to detect whether "issuerhit" is specified in the hip_cert.cnf file
 - if "issuerhit" is not specified in that config file, use this hipd's default hit instead (should typically be the same anyway)

 - don't fail when section "[ hip_x509v3_name ]" doesn't exist in hip_cert.cnf file - contents of this section doesn't seem to be used for anything at all

 - workaround: catch the case of "days =" not being specified in config - assume ~10 seconds default cert. validity instead (prevents generation of a broken certificate with identical start and end times) (can't just force the user to specify the value in the config, because an end time might have been specified through hipconf, in which case the config value wouldn't even be needed)

 - replace /* */ with // comments in some of the places
 - replace occurences of hip_local_hostid_db with HIP_DB_LOCAL_HID (see #define in hipd/hidb.h)

6028. By Henrik Ziegeldorf on 2011-12-01

Use correct key during certificate creation. Use openssl free functions to free evp keys.

6027. By Henrik Ziegeldorf on 2011-12-01

Initialize cert option of rule to NULL.

6026. By Henrik Ziegeldorf on 2011-11-22

cosmetics: Fixed spelling.

6025. By Henrik Ziegeldorf on 2011-11-22

Remove superflous parsing of pisa option.

6024. By Henrik Ziegeldorf on 2011-11-22

Remove pisa root cert option. Read root certs from firewall rules instead.

6023. By Henrik Ziegeldorf on 2011-11-22

Add -cert option to rule management.

6022. By Henrik Ziegeldorf on 2011-11-22

Uninit pisa module.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.