narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
opengnsys_ipxe/src/net
History
Michael Brown bc8ca6b8ce [crypto] Generalise X.509 cache to a full certificate store 
Expand the concept of the X.509 cache to provide the functionality of
a certificate store.  Certificates in the store will be automatically
used to complete certificate chains where applicable.

The certificate store may be prepopulated at build time using the
CERT=... build command line option.  For example:

  make bin/ipxe.usb CERT=mycert1.crt,mycert2.crt

Certificates within the certificate store are not implicitly trusted;
the trust list is specified using TRUST=... as before.  For example:

  make bin/ipxe.usb CERT=root.crt TRUST=root.crt

This can be used to embed the full trusted root certificate within the
iPXE binary, which is potentially useful in an HTTPS-only environment
in which there is no HTTP server from which to automatically download
cross-signed certificates or other certificate chain fragments.

This usage of CERT= extends the existing use of CERT= to specify the
client certificate.  The client certificate is now identified
automatically by checking for a match against the private key.  For
example:

  make bin/ipxe.usb CERT=root.crt,client.crt TRUST=root.crt KEY=client.key

Signed-off-by: Michael Brown <mcb30@ipxe.org>
 		2014-03-28 17:09:40 +00:00
..
80211 [settings] Force settings into alphabetical order within sections 2013-12-05 12:43:28 +00:00
infiniband [infiniband] Include destination address vector in ib_complete_recv() 2012-08-31 21:22:58 +01:00
oncrpc [nfs] Fix an issue with the selection of a local port 2013-08-06 15:58:35 +01:00
tcp [http] Accept Content-Length header with trailing whitespace 2014-03-25 15:46:14 +00:00
udp [uri] Refactor URI parsing and formatting 2014-02-27 13:32:53 +00:00
aoe.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
arp.c [neighbour] Generalise concept of neighbour discovery 2013-09-03 02:02:58 +01:00
dhcpopts.c [dhcp] Copy exactly the required length when resizing DHCP options 2014-02-26 16:44:05 +00:00
dhcppkt.c [settings] Explicitly separate the concept of a completed fetched setting 2013-12-05 00:37:02 +00:00
eapol.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
eth_slow.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
ethernet.c [ethernet] Add support for generating multicast hash for IPv6 addresses 2013-09-03 02:02:51 +01:00
fakedhcp.c [settings] Explicitly separate the concept of a completed fetched setting 2013-12-05 00:37:02 +00:00
fc.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
fcels.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
fcns.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
fcoe.c [build] Fix dubious uses of bitwise operators 2013-04-28 17:31:23 +01:00
fcp.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
fragment.c [tcpip] Add IP statistics collection as per RFC 4293 2014-03-02 20:33:35 +00:00
icmp.c [icmp] Add support for sending ICMP echo requests 2013-10-21 15:08:12 +01:00
icmpv4.c [icmp] Add support for sending ICMP echo requests 2013-10-21 15:08:12 +01:00
icmpv6.c [icmp] Add support for sending ICMP echo requests 2013-10-21 15:08:12 +01:00
infiniband.c [infiniband] Include destination address vector in ib_complete_recv() 2012-08-31 21:22:58 +01:00
iobpad.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
ipv4.c [tcpip] Provide tcpip_mtu() to determine the maximum transmission unit 2014-03-04 13:13:54 +00:00
ipv6.c [tcpip] Provide tcpip_mtu() to determine the maximum transmission unit 2014-03-04 13:13:54 +00:00
ndp.c [dns] Support DNS search lists 2014-02-05 14:56:49 +00:00
neighbour.c [netdevice] Make all net_driver methods optional 2013-11-01 02:26:44 +00:00
netdev_settings.c [settings] Force settings into alphabetical order within sections 2013-12-05 12:43:28 +00:00
netdevice.c [netdevice] Notify upper-layer drivers when RX processing is (un)frozen 2014-03-14 14:05:38 +00:00
nullnet.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
ping.c [ping] Add concept of a ping socket 2013-10-21 15:08:18 +01:00
rarp.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
retry.c [retry] Expose retry_poll() to explicitly poll all running timers 2012-08-31 20:21:15 +01:00
socket.c [socket] Add concept of a generalised socket address converter 2013-10-21 14:34:03 +01:00
tcp.c [tcp] Update window even if ACK does not acknowledge new data 2014-03-07 17:30:01 +00:00
tcpip.c [tcpip] Provide tcpip_mtu() to determine the maximum transmission unit 2014-03-04 13:13:54 +00:00
tls.c [crypto] Generalise X.509 cache to a full certificate store 2014-03-28 17:09:40 +00:00
udp.c [udp] Add AF_INET6 socket opener 2013-10-21 14:34:02 +01:00
validator.c [crypto] Generalise X.509 cache to a full certificate store 2014-03-28 17:09:40 +00:00
vlan.c [netdevice] Make all net_driver methods optional 2013-11-01 02:26:44 +00:00