strongswan.git
10 years agoMerge branch 'master' of git.strongswan.org:strongswan
Andreas Steffen [Fri, 26 Nov 2010 13:07:18 +0000 (14:07 +0100)]
Merge branch 'master' of git.strongswan.org:strongswan

10 years agosupport PEM-encoded certificates stored in SQL databases
Andreas Steffen [Fri, 26 Nov 2010 12:46:16 +0000 (13:46 +0100)]
support PEM-encoded certificates stored in SQL databases

10 years agocommas, commas, ..
Andreas Steffen [Thu, 25 Nov 2010 22:25:01 +0000 (23:25 +0100)]
commas, commas, ..

10 years agoMigrated resolve_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:19:33 +0000 (23:19 +0100)]
Migrated resolve_plugin_t to INIT/METHOD macros

10 years agoMigrated kernel_pfroute_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:17:18 +0000 (23:17 +0100)]
Migrated kernel_pfroute_plugin_t to INIT/METHOD macros

10 years agoMigrated kernel_pfkey_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:14:29 +0000 (23:14 +0100)]
Migrated kernel_pfkey_plugin_t to INIT/METHOD macros

10 years agoMigrated kernel_netlink_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:12:12 +0000 (23:12 +0100)]
Migrated kernel_netlink_plugin_t to INIT/METHOD macros

10 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:09:12 +0000 (23:09 +0100)]
INIT allocates memory

10 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:08:00 +0000 (23:08 +0100)]
INIT allocates memory

10 years agoMigrated kernel_klips_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:06:20 +0000 (23:06 +0100)]
Migrated kernel_klips_plugin_t to INIT/METHOD macros

10 years agoMigrated attr_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:52:32 +0000 (22:52 +0100)]
Migrated attr_plugin_t to INIT/METHOD macros

10 years agoMigrated attr_sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:49:44 +0000 (22:49 +0100)]
Migrated attr_sql_plugin_t to INIT/METHOD macros

10 years agoMigrated backend_manager_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:43:19 +0000 (22:43 +0100)]
Migrated backend_manager_t to INIT/METHOD macros

10 years agofixed a couple of bugs in the prototype
Andreas Steffen [Tue, 23 Nov 2010 15:33:23 +0000 (16:33 +0100)]
fixed a couple of bugs in the prototype

10 years agoset PB_MSG_PA message type
Andreas Steffen [Tue, 23 Nov 2010 15:32:09 +0000 (16:32 +0100)]
set PB_MSG_PA message type

10 years agoprototype implementation using the pb_tnc_message_t class
Andreas Steffen [Tue, 23 Nov 2010 13:44:16 +0000 (14:44 +0100)]
prototype implementation using the pb_tnc_message_t class

10 years agodefined a pb_tnc_message_t interface
Andreas Steffen [Tue, 23 Nov 2010 13:27:57 +0000 (14:27 +0100)]
defined a pb_tnc_message_t interface

10 years agoenabled ha plugin in UML scenarios
Andreas Steffen [Sat, 20 Nov 2010 20:52:40 +0000 (21:52 +0100)]
enabled ha plugin in UML scenarios

10 years agofixed iptables script of gateway alice
Andreas Steffen [Sat, 20 Nov 2010 20:01:54 +0000 (21:01 +0100)]
fixed iptables script of gateway alice

10 years agoremoved copy of strongswancCert.pem
Andreas Steffen [Sat, 20 Nov 2010 19:34:21 +0000 (20:34 +0100)]
removed copy of strongswancCert.pem

10 years agoadded ha/both-active scenario
Andreas Steffen [Sat, 20 Nov 2010 19:16:26 +0000 (20:16 +0100)]
added ha/both-active scenario

10 years agocreated certificate and /etc/hosts entry for virtual gateway mars
Andreas Steffen [Sat, 20 Nov 2010 17:20:23 +0000 (18:20 +0100)]
created certificate and /etc/hosts entry for virtual gateway mars

10 years agoimplemented create_reason_enumerator() function
Andreas Steffen [Fri, 19 Nov 2010 16:23:06 +0000 (17:23 +0100)]
implemented create_reason_enumerator() function

10 years agoimplemented request_handshake_retry() function
Andreas Steffen [Fri, 19 Nov 2010 07:51:56 +0000 (08:51 +0100)]
implemented request_handshake_retry() function

10 years agoDo not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20
Martin Willi [Thu, 18 Nov 2010 07:56:12 +0000 (08:56 +0100)]
Do not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20

10 years agoUse static args for C_Initialize(), OpenSC does not get a copy of the pointers
Martin Willi [Thu, 18 Nov 2010 07:43:26 +0000 (08:43 +0100)]
Use static args for C_Initialize(), OpenSC does not get a copy of the pointers

10 years agoadded ITA and strongSwan OIDs
Andreas Steffen [Wed, 17 Nov 2010 21:46:28 +0000 (22:46 +0100)]
added ITA and strongSwan OIDs

10 years agocorrected TCGID OID
Andreas Steffen [Wed, 17 Nov 2010 21:13:55 +0000 (22:13 +0100)]
corrected TCGID OID

10 years agoAdded getter for arbitrary environment variables
Martin Willi [Wed, 17 Nov 2010 15:46:23 +0000 (16:46 +0100)]
Added getter for arbitrary environment variables

10 years agoadded IMC and IMV IDs as arguments to send_message()
Andreas Steffen [Tue, 16 Nov 2010 23:04:10 +0000 (00:04 +0100)]
added IMC and IMV IDs as arguments to send_message()

10 years agoget_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY
Andreas Steffen [Tue, 16 Nov 2010 21:43:48 +0000 (22:43 +0100)]
get_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY

10 years agoinitialize chunks and add debug output
Andreas Steffen [Tue, 16 Nov 2010 21:28:10 +0000 (22:28 +0100)]
initialize chunks and add debug output

10 years agoload IMCs and IMVs with RTLD_LAZY
Andreas Steffen [Tue, 16 Nov 2010 21:14:20 +0000 (22:14 +0100)]
load IMCs and IMVs with RTLD_LAZY

10 years agofixed memory leak
Andreas Steffen [Tue, 16 Nov 2010 20:37:38 +0000 (21:37 +0100)]
fixed memory leak

10 years agoimplement set_attribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 20:07:02 +0000 (21:07 +0100)]
implement set_attribute() callback function

10 years agoimplement GetAttribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 19:14:48 +0000 (20:14 +0100)]
implement GetAttribute() callback function

10 years agocall is_complete() if tls protocol returns with SUCCESS
Andreas Steffen [Tue, 16 Nov 2010 10:52:06 +0000 (11:52 +0100)]
call is_complete() if tls protocol returns with SUCCESS

10 years agoreformulated recommendation policies
Andreas Steffen [Tue, 16 Nov 2010 09:59:53 +0000 (10:59 +0100)]
reformulated recommendation policies

10 years agoDo not checkin a previously destroyed SA
Thomas Egerer [Mon, 15 Nov 2010 17:00:40 +0000 (18:00 +0100)]
Do not checkin a previously destroyed SA

10 years agoRemove obsolete pool_size argument in processor_create()
Martin Willi [Tue, 16 Nov 2010 08:38:39 +0000 (09:38 +0100)]
Remove obsolete pool_size argument in processor_create()

10 years agomutex.h is not needed any more
Andreas Steffen [Tue, 16 Nov 2010 08:15:17 +0000 (09:15 +0100)]
mutex.h is not needed any more

10 years agoimv_list consists of linked imv_t instances
Andreas Steffen [Tue, 16 Nov 2010 08:09:39 +0000 (09:09 +0100)]
imv_list consists of linked imv_t instances

10 years agoimplemented have_recommendation() based on a choice of 3 policies
Andreas Steffen [Mon, 15 Nov 2010 16:38:31 +0000 (17:38 +0100)]
implemented have_recommendation() based on a choice of 3 policies

10 years agolog configured recommendation policy
Andreas Steffen [Sun, 14 Nov 2010 10:29:27 +0000 (11:29 +0100)]
log configured recommendation policy

10 years agoconfigure recommendation policy via strongswan.conf
Andreas Steffen [Sun, 14 Nov 2010 10:23:47 +0000 (11:23 +0100)]
configure recommendation policy via strongswan.conf

10 years agore-establish null pointer if IMC/IMV manager plugin could not be installed
Andreas Steffen [Sun, 14 Nov 2010 08:50:01 +0000 (09:50 +0100)]
re-establish null pointer if IMC/IMV manager plugin could not be installed

10 years agomoved recommendation handling to the tnc_imv plugin
Andreas Steffen [Sat, 13 Nov 2010 09:01:46 +0000 (10:01 +0100)]
moved recommendation handling to the tnc_imv plugin

10 years agoExtend connected peers by peer family
Thomas Egerer [Fri, 12 Nov 2010 10:37:06 +0000 (11:37 +0100)]
Extend connected peers by peer family

This allows for simultanious IPv4 and IPv6 tunnel for same peers with
matching identities.

10 years agoAdded a PKCS#11 module option to enforce OS Locking functions
Martin Willi [Fri, 12 Nov 2010 13:45:09 +0000 (14:45 +0100)]
Added a PKCS#11 module option to enforce OS Locking functions

10 years agoPrint full source route on DBG2 that gets installed
Martin Willi [Thu, 11 Nov 2010 08:59:02 +0000 (09:59 +0100)]
Print full source route on DBG2 that gets installed

10 years agoremoved debug output in IMC bind functions
Andreas Steffen [Thu, 11 Nov 2010 06:51:56 +0000 (07:51 +0100)]
removed debug output in IMC bind functions

10 years agoadded get_preferred_language() to tnc_imc
Andreas Steffen [Thu, 11 Nov 2010 06:30:13 +0000 (07:30 +0100)]
added get_preferred_language() to tnc_imc

10 years agocreated dummy have_recommendation() function
Andreas Steffen [Wed, 10 Nov 2010 21:42:36 +0000 (22:42 +0100)]
created dummy have_recommendation() function

10 years agoimplemented mutex locking the batch in construction
Andreas Steffen [Wed, 10 Nov 2010 21:22:27 +0000 (22:22 +0100)]
implemented mutex locking the batch in construction

10 years agofixed received test message
Andreas Steffen [Wed, 10 Nov 2010 21:02:20 +0000 (22:02 +0100)]
fixed received test message

10 years agoimplemented mutex locking the recommendations list
Andreas Steffen [Wed, 10 Nov 2010 20:53:17 +0000 (21:53 +0100)]
implemented mutex locking the recommendations list

10 years agodisplay ID of registered IMCs/IMVs
Andreas Steffen [Wed, 10 Nov 2010 20:30:50 +0000 (21:30 +0100)]
display ID of registered IMCs/IMVs

10 years agoimplemented recommendation storage
Andreas Steffen [Wed, 10 Nov 2010 20:23:10 +0000 (21:23 +0100)]
implemented recommendation storage

10 years agocreated enum names for action recommendations and evaluation results
Andreas Steffen [Wed, 10 Nov 2010 20:22:27 +0000 (21:22 +0100)]
created enum names for action recommendations and evaluation results

10 years agoremoved debug output of tnc_imv_bind_functions
Andreas Steffen [Wed, 10 Nov 2010 20:20:53 +0000 (21:20 +0100)]
removed debug output of tnc_imv_bind_functions

10 years agoDo not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs...
Martin Willi [Wed, 10 Nov 2010 17:34:59 +0000 (18:34 +0100)]
Do not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs as trusted

10 years agoAdd flags for PKCS#11 libraries with reduced feature set
Martin Willi [Wed, 10 Nov 2010 17:16:17 +0000 (18:16 +0100)]
Add flags for PKCS#11 libraries with reduced feature set

10 years agoenforce_recommendation inserts TNC group membership rules for IKE_SA
Andreas Steffen [Wed, 10 Nov 2010 16:59:41 +0000 (17:59 +0100)]
enforce_recommendation inserts TNC group membership rules for IKE_SA

10 years agodefined PB-TNC types
Andreas Steffen [Wed, 10 Nov 2010 14:44:51 +0000 (15:44 +0100)]
defined PB-TNC types

10 years agoappend any previously collection messages to batch
Andreas Steffen [Wed, 10 Nov 2010 14:44:09 +0000 (15:44 +0100)]
append any previously collection messages to batch

10 years agoread IMC/IMV configurations from /etc/tnc_config
Andreas Steffen [Wed, 10 Nov 2010 09:57:01 +0000 (10:57 +0100)]
read IMC/IMV configurations from /etc/tnc_config

10 years agounload the IMCs and IMVs using dlclose()
Andreas Steffen [Tue, 9 Nov 2010 11:45:21 +0000 (12:45 +0100)]
unload the IMCs and IMVs using dlclose()

10 years agoimplemented separate protocol and connection rwlocks
Andreas Steffen [Tue, 9 Nov 2010 11:30:26 +0000 (12:30 +0100)]
implemented separate protocol and connection rwlocks

10 years agoassign provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 22:56:20 +0000 (23:56 +0100)]
assign provide_recommendation callback function

10 years agoimplemented batch_ending() and solicit_recommendation() functions
Andreas Steffen [Mon, 8 Nov 2010 22:13:40 +0000 (23:13 +0100)]
implemented batch_ending() and solicit_recommendation() functions

10 years agoadded get_count() method to IMC/IMV managers
Andreas Steffen [Mon, 8 Nov 2010 21:33:01 +0000 (22:33 +0100)]
added get_count() method to IMC/IMV managers

10 years agoabort if one of the IMCs or IMVs fail to initialize
Andreas Steffen [Mon, 8 Nov 2010 21:21:53 +0000 (22:21 +0100)]
abort if one of the IMCs or IMVs fail to initialize

10 years agoremoved whitespace
Andreas Steffen [Mon, 8 Nov 2010 18:39:16 +0000 (19:39 +0100)]
removed whitespace

10 years agoimplemented provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 18:25:25 +0000 (19:25 +0100)]
implemented provide_recommendation callback function

10 years agoadded imc/imv_manager remove method
Andreas Steffen [Mon, 8 Nov 2010 14:53:50 +0000 (15:53 +0100)]
added imc/imv_manager remove method

10 years agoremoved dependencies from libtnc
Andreas Steffen [Mon, 8 Nov 2010 10:41:14 +0000 (11:41 +0100)]
removed dependencies from libtnc

10 years agoinsert IMV/IMC before providing BindFunction
Andreas Steffen [Sun, 7 Nov 2010 23:29:44 +0000 (00:29 +0100)]
insert IMV/IMC before providing BindFunction

10 years agotnc_imc/tnc_imv cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:16:52 +0000 (12:16 +0100)]
tnc_imc/tnc_imv cosmetics

10 years agotnccs header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:03:26 +0000 (12:03 +0100)]
tnccs header cosmetics

10 years agoimv/imc header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 10:56:56 +0000 (11:56 +0100)]
imv/imc header cosmetics

10 years agoimplemented receive_message() function
Andreas Steffen [Sun, 7 Nov 2010 00:17:21 +0000 (01:17 +0100)]
implemented receive_message() function

10 years agosupport of reportMessageTypes() function
Andreas Steffen [Sat, 6 Nov 2010 22:01:59 +0000 (23:01 +0100)]
support of reportMessageTypes() function

10 years agomoved TNCCS callback functions into bind_function.c
Andreas Steffen [Sat, 6 Nov 2010 19:38:59 +0000 (20:38 +0100)]
moved TNCCS callback functions into bind_function.c

10 years agoimplemented send_message() callback function
Andreas Steffen [Sat, 6 Nov 2010 19:13:41 +0000 (20:13 +0100)]
implemented send_message() callback function

10 years agoimplement IMC and IMV manager classes
Andreas Steffen [Fri, 5 Nov 2010 23:54:10 +0000 (00:54 +0100)]
implement IMC and IMV manager classes

10 years agocheck if optional terminate() function exists
Andreas Steffen [Thu, 4 Nov 2010 22:59:31 +0000 (23:59 +0100)]
check if optional terminate() function exists

10 years agoadded connection management to TNCCS manager
Andreas Steffen [Thu, 4 Nov 2010 22:56:16 +0000 (23:56 +0100)]
added connection management to TNCCS manager

10 years agoselect TNCCS protocol via charon.plugins.eap-tnc.protocol
Andreas Steffen [Thu, 4 Nov 2010 21:08:47 +0000 (22:08 +0100)]
select TNCCS protocol via charon.plugins.eap-tnc.protocol

10 years agochanged ACL properties of header files
Andreas Steffen [Thu, 4 Nov 2010 18:42:08 +0000 (19:42 +0100)]
changed ACL properties of header files

10 years agocleaned up whitespace
Andreas Steffen [Thu, 4 Nov 2010 15:19:39 +0000 (16:19 +0100)]
cleaned up whitespace

10 years agoimplemented IMC/IMV handler
Andreas Steffen [Thu, 4 Nov 2010 13:56:34 +0000 (14:56 +0100)]
implemented IMC/IMV handler

10 years agofixed memory leak in EAP-TTLS piggy-back mode
Andreas Steffen [Tue, 9 Nov 2010 19:35:53 +0000 (20:35 +0100)]
fixed memory leak in EAP-TTLS piggy-back mode

10 years agoAdded a stroke rekey command to trigger IKE/CHILD_SA rekeying manually
Martin Willi [Wed, 3 Nov 2010 14:12:05 +0000 (15:12 +0100)]
Added a stroke rekey command to trigger IKE/CHILD_SA rekeying manually

10 years agotwo fixes in tnccs_11
Andreas Steffen [Tue, 2 Nov 2010 09:46:30 +0000 (10:46 +0100)]
two fixes in tnccs_11

10 years agoRemoved signing artifact.
Tobias Brunner [Tue, 2 Nov 2010 08:30:09 +0000 (09:30 +0100)]
Removed signing artifact.

10 years agoremoved strongswan-4.5.0.tar.bz2.bak
Andreas Steffen [Mon, 1 Nov 2010 19:40:38 +0000 (20:40 +0100)]
removed strongswan-4.5.0.tar.bz2.bak

10 years agomoved tnccs-20 plugin in front of tnc-imv and intc-imc
Andreas Steffen [Mon, 1 Nov 2010 17:54:43 +0000 (18:54 +0100)]
moved tnccs-20 plugin in front of tnc-imv and intc-imc

10 years agoversion bump to 4.5.1
Andreas Steffen [Fri, 29 Oct 2010 07:30:57 +0000 (09:30 +0200)]
version bump to 4.5.1

10 years agoversion bump to 4.5.0 4.5.0
Andreas Steffen [Thu, 28 Oct 2010 18:23:59 +0000 (20:23 +0200)]
version bump to 4.5.0

10 years agocompleted NEWS for the 4.5.0 release
Andreas Steffen [Thu, 28 Oct 2010 18:23:22 +0000 (20:23 +0200)]
completed NEWS for the 4.5.0 release