strongswan.git
13 years agoadding attribute certficates to a chained list
Andreas Steffen [Tue, 14 Aug 2007 12:27:02 +0000 (12:27 -0000)]
adding attribute certficates to a chained list

13 years agosoft-limit treatment of unmatched certificate requests using a priority metric
Andreas Steffen [Tue, 14 Aug 2007 12:26:22 +0000 (12:26 -0000)]
soft-limit treatment of unmatched certificate requests using a priority metric

13 years agoreplaced hex_str() by fprintf(#B) for printing unknown OIDs
Andreas Steffen [Tue, 14 Aug 2007 12:24:35 +0000 (12:24 -0000)]
replaced hex_str() by fprintf(#B) for printing unknown OIDs

13 years agofixed bug occuring with multiple occurences of the same cacert on a smartcard
Andreas Steffen [Mon, 13 Aug 2007 07:47:47 +0000 (07:47 -0000)]
fixed bug occuring with multiple occurences of the same cacert on a smartcard

13 years agohas_rsa_private_key() must also be protected by keys_mutex
Andreas Steffen [Fri, 10 Aug 2007 12:10:36 +0000 (12:10 -0000)]
has_rsa_private_key() must also be protected by keys_mutex

13 years agocorrected debug output
Andreas Steffen [Fri, 10 Aug 2007 11:23:45 +0000 (11:23 -0000)]
corrected debug output

13 years agoset default to uml=false
Andreas Steffen [Fri, 10 Aug 2007 10:47:48 +0000 (10:47 -0000)]
set default to uml=false

13 years agoadded listaacerts,listacerts,rereadsecerts,rereadocspcerts,rereadaacerts,rereadacerts...
Andreas Steffen [Fri, 10 Aug 2007 10:19:53 +0000 (10:19 -0000)]
added listaacerts,listacerts,rereadsecerts,rereadocspcerts,rereadaacerts,rereadacerts to stroke

13 years agofixed typo stroke keyword list
Andreas Steffen [Fri, 10 Aug 2007 10:00:59 +0000 (10:00 -0000)]
fixed typo stroke keyword list

13 years agoipsec stroke rereadsecrets|rereadaacerts|rereadacerts|listacerts supported
Andreas Steffen [Fri, 10 Aug 2007 09:19:58 +0000 (09:19 -0000)]
ipsec stroke rereadsecrets|rereadaacerts|rereadacerts|listacerts supported

13 years agoipsec stroke rereadaacerts|rereadacerts supported
Andreas Steffen [Fri, 10 Aug 2007 09:17:34 +0000 (09:17 -0000)]
ipsec stroke rereadaacerts|rereadacerts supported

13 years agofixed build without --enable-uml
Martin Willi [Fri, 10 Aug 2007 09:14:20 +0000 (09:14 -0000)]
fixed build without --enable-uml

13 years agofixed build without --enable-uml
Martin Willi [Fri, 10 Aug 2007 08:58:37 +0000 (08:58 -0000)]
fixed build without --enable-uml

13 years agoset STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS
Andreas Steffen [Fri, 10 Aug 2007 08:49:20 +0000 (08:49 -0000)]
set STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS

13 years agoset STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS
Andreas Steffen [Fri, 10 Aug 2007 08:49:03 +0000 (08:49 -0000)]
set STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS

13 years agoadded rereadsecrets keyword to stroke
Andreas Steffen [Fri, 10 Aug 2007 08:05:03 +0000 (08:05 -0000)]
added rereadsecrets keyword to stroke

13 years agosupport of ipsec rereadsecrets for stroke
Andreas Steffen [Fri, 10 Aug 2007 07:16:32 +0000 (07:16 -0000)]
support of ipsec rereadsecrets for stroke

13 years agoreread notify socket when interrupted (EINTR) through sigchild
Martin Willi [Fri, 10 Aug 2007 06:01:03 +0000 (06:01 -0000)]
reread notify socket when interrupted (EINTR) through sigchild

13 years agofixed libstrongswan linking for libdumm
Martin Willi [Thu, 9 Aug 2007 12:50:01 +0000 (12:50 -0000)]
fixed libstrongswan linking for libdumm

13 years agomade linked lists invoke() method consistent to clone_*() and destroy_*() methods
Martin Willi [Thu, 9 Aug 2007 12:43:11 +0000 (12:43 -0000)]
made linked lists invoke() method consistent to clone_*() and destroy_*() methods

13 years agoremoved Makefile from svn
Martin Willi [Thu, 9 Aug 2007 07:14:56 +0000 (07:14 -0000)]
removed Makefile from svn
support for scenario switching

13 years agobuild UML stuff only on --enable-uml
Martin Willi [Wed, 8 Aug 2007 14:24:25 +0000 (14:24 -0000)]
build UML stuff only on --enable-uml

13 years agoadded UML modeler to autotools
Martin Willi [Wed, 8 Aug 2007 14:03:55 +0000 (14:03 -0000)]
added UML modeler to autotools

13 years agousable without scenarios
Martin Willi [Wed, 8 Aug 2007 12:35:24 +0000 (12:35 -0000)]
usable without scenarios

13 years agoversion bump to 4.1.6
Andreas Steffen [Wed, 8 Aug 2007 08:17:48 +0000 (08:17 -0000)]
version bump to 4.1.6

13 years agobug fix in linked_list deletion - instead of acerts destroyed certs twice 4.1.5
Andreas Steffen [Wed, 8 Aug 2007 06:02:59 +0000 (06:02 -0000)]
bug fix in linked_list deletion - instead of acerts destroyed certs twice

13 years agoversion bumps
Andreas Steffen [Tue, 7 Aug 2007 21:14:06 +0000 (21:14 -0000)]
version bumps

13 years agoimplemented listing of attribute certificates
Andreas Steffen [Tue, 7 Aug 2007 20:32:11 +0000 (20:32 -0000)]
implemented listing of attribute certificates

13 years agoupdated NEWS for 4.1.5
Martin Willi [Tue, 7 Aug 2007 06:48:48 +0000 (06:48 -0000)]
updated NEWS for 4.1.5

13 years agofixed segfault when sourceip in stroke message is NULL
Martin Willi [Mon, 6 Aug 2007 12:35:28 +0000 (12:35 -0000)]
fixed segfault when sourceip in stroke message is NULL

13 years agotolerate DNS lookup failures
Andreas Steffen [Mon, 6 Aug 2007 12:02:12 +0000 (12:02 -0000)]
tolerate DNS lookup failures

13 years agoseparate the PSK IDs by spaces
Andreas Steffen [Mon, 6 Aug 2007 11:52:21 +0000 (11:52 -0000)]
separate the PSK IDs by spaces

13 years agocowfs is bootable now!
Martin Willi [Mon, 6 Aug 2007 11:42:32 +0000 (11:42 -0000)]
cowfs is bootable now!

13 years agodebug info on preshared secrets
Andreas Steffen [Mon, 6 Aug 2007 11:05:11 +0000 (11:05 -0000)]
debug info on preshared secrets

13 years agoallow starter to initiate connections simultaneously (on auto=start)
Martin Willi [Mon, 6 Aug 2007 07:41:19 +0000 (07:41 -0000)]
allow starter to initiate connections simultaneously (on auto=start)

13 years agoadded doxygen comments
Andreas Steffen [Sat, 4 Aug 2007 10:54:26 +0000 (10:54 -0000)]
added doxygen comments

13 years agodoxygen cosmetics
Andreas Steffen [Sat, 4 Aug 2007 07:32:37 +0000 (07:32 -0000)]
doxygen cosmetics

13 years agoimproved source routing table creation
Andreas Steffen [Fri, 3 Aug 2007 17:59:13 +0000 (17:59 -0000)]
improved source routing table creation

13 years agoID_FQDN lost its @ prefix
Andreas Steffen [Fri, 3 Aug 2007 13:36:28 +0000 (13:36 -0000)]
ID_FQDN lost its @ prefix

13 years agoproper shutdown
Martin Willi [Fri, 3 Aug 2007 11:47:20 +0000 (11:47 -0000)]
proper shutdown
moved signal handler for SIGCHD and SIGHUP to dumm

13 years agorecognize strongswan-2.8.7 VID
Andreas Steffen [Fri, 3 Aug 2007 11:34:44 +0000 (11:34 -0000)]
recognize strongswan-2.8.7 VID

13 years agore-introduced listing of nexthop in ipsec status
Andreas Steffen [Fri, 3 Aug 2007 11:16:43 +0000 (11:16 -0000)]
re-introduced listing of nexthop in ipsec status

13 years agouse cgecho for green output
Andreas Steffen [Fri, 3 Aug 2007 10:58:45 +0000 (10:58 -0000)]
use cgecho for green output

13 years agocheck source routing table 100
Andreas Steffen [Fri, 3 Aug 2007 10:57:37 +0000 (10:57 -0000)]
check source routing table 100

13 years agore-introduced leftnexthop=%direct
Andreas Steffen [Fri, 3 Aug 2007 10:57:08 +0000 (10:57 -0000)]
re-introduced leftnexthop=%direct

13 years agoadded routing table 50 for passthrough routes
Andreas Steffen [Fri, 3 Aug 2007 10:56:40 +0000 (10:56 -0000)]
added routing table 50 for passthrough routes

13 years agouse table 100 for source routing
Andreas Steffen [Fri, 3 Aug 2007 10:05:15 +0000 (10:05 -0000)]
use table 100 for source routing

13 years agoworking cowfs prototype
Martin Willi [Fri, 3 Aug 2007 09:33:43 +0000 (09:33 -0000)]
working cowfs prototype

13 years agohandle dns lookup failures
Andreas Steffen [Thu, 2 Aug 2007 18:38:28 +0000 (18:38 -0000)]
handle dns lookup failures

13 years agostarted own cowfs implementation
Martin Willi [Tue, 31 Jul 2007 15:23:23 +0000 (15:23 -0000)]
started own cowfs implementation

13 years agoadded two methods to clone linked lists and the contained objects.
Tobias Brunner [Tue, 31 Jul 2007 12:54:17 +0000 (12:54 -0000)]
added two methods to clone linked lists and the contained objects.

13 years agobridging using libbridge
Martin Willi [Mon, 30 Jul 2007 13:20:35 +0000 (13:20 -0000)]
bridging using libbridge
rewrite of guest, does not change cwd anymore
loading of created scenarios

13 years agocorrected typo
Andreas Steffen [Mon, 30 Jul 2007 10:55:09 +0000 (10:55 -0000)]
corrected typo

13 years agoproperly shutdown of clients
Martin Willi [Fri, 27 Jul 2007 10:17:50 +0000 (10:17 -0000)]
properly shutdown of clients

13 years agosupport for killing guests properly
Martin Willi [Fri, 27 Jul 2007 07:37:15 +0000 (07:37 -0000)]
support for killing guests properly

13 years agoimplemented mconsole notification to check if guest came up
Martin Willi [Thu, 26 Jul 2007 13:21:06 +0000 (13:21 -0000)]
implemented mconsole notification to check if guest came up
slightly modified menu commands

13 years agofixed tap device setup (requires open/close for each call)
Martin Willi [Thu, 26 Jul 2007 07:39:49 +0000 (07:39 -0000)]
fixed tap device setup (requires open/close for each call)
using more meaningful names for tap devices

13 years agofixed mconsole when using multiple guests
Martin Willi [Wed, 25 Jul 2007 14:05:06 +0000 (14:05 -0000)]
fixed mconsole when using multiple guests
fixed interface enumeration bug

13 years agoadded dynamic interface manipulation for guests
Martin Willi [Wed, 25 Jul 2007 13:23:45 +0000 (13:23 -0000)]
added dynamic interface manipulation for guests
management of tap devices on the host

13 years agochecked in first draft of "Dynamic Uml Mesh Modeler"
Martin Willi [Tue, 24 Jul 2007 14:22:56 +0000 (14:22 -0000)]
checked in first draft of "Dynamic Uml Mesh Modeler"

13 years agobackports from the p2p-nat-t branch:
Tobias Brunner [Thu, 19 Jul 2007 14:12:19 +0000 (14:12 -0000)]
backports from the p2p-nat-t branch:
 * double assignment of function ''destroy'' in some jobs
 * typos

13 years agoupdated XML interface to new schema
Martin Willi [Thu, 19 Jul 2007 10:57:33 +0000 (10:57 -0000)]
updated XML interface to new schema

13 years agonot touching IKE_SA_INIT from ike_mobike_t anymore
Martin Willi [Thu, 19 Jul 2007 08:08:22 +0000 (08:08 -0000)]
not touching IKE_SA_INIT from ike_mobike_t anymore

13 years agofixed compiler warning
Martin Willi [Mon, 16 Jul 2007 07:10:14 +0000 (07:10 -0000)]
fixed compiler warning

13 years agofixed payload order (Nonce, KE) for IKE_SA_INIT
Martin Willi [Mon, 16 Jul 2007 07:01:49 +0000 (07:01 -0000)]
fixed payload order (Nonce, KE) for IKE_SA_INIT

13 years agoinclude default route also in src address evaluation
Andreas Steffen [Fri, 13 Jul 2007 09:00:39 +0000 (09:00 -0000)]
include default route also in src address evaluation

13 years agoinclude default route with missing dst field into route evaluation
Andreas Steffen [Fri, 13 Jul 2007 06:13:14 +0000 (06:13 -0000)]
include default route with missing dst field into route evaluation

13 years agoadded to ipsec.conf installation path
Andreas Steffen [Wed, 11 Jul 2007 16:22:02 +0000 (16:22 -0000)]
added  to ipsec.conf installation path

13 years agodoing route lookup in userspace to ignore routes installed by us
Martin Willi [Wed, 11 Jul 2007 12:37:24 +0000 (12:37 -0000)]
doing route lookup in userspace to ignore routes installed by us

13 years agousing own routing table for installed routes (table 100, prio 100)
Martin Willi [Wed, 11 Jul 2007 06:55:11 +0000 (06:55 -0000)]
using own routing table for installed routes (table 100, prio 100)

13 years agoversion bump to 4.1.5
Andreas Steffen [Sun, 8 Jul 2007 19:40:11 +0000 (19:40 -0000)]
version bump to 4.1.5

13 years agoversion bump to 4.1.5
Andreas Steffen [Sun, 8 Jul 2007 19:08:31 +0000 (19:08 -0000)]
version bump to 4.1.5

13 years agoadded first draft of SMP relax-ng schema
Martin Willi [Fri, 6 Jul 2007 13:44:43 +0000 (13:44 -0000)]
added first draft of SMP relax-ng schema

13 years agoexecute conntrack -F at the outset 4.1.4
Andreas Steffen [Wed, 4 Jul 2007 18:55:54 +0000 (18:55 -0000)]
execute conntrack -F at the outset

13 years agosuppress stderr in start-switches script
Andreas Steffen [Wed, 4 Jul 2007 18:50:21 +0000 (18:50 -0000)]
suppress stderr in start-switches script

13 years agoadded three mobike scenarios
Andreas Steffen [Wed, 4 Jul 2007 17:39:10 +0000 (17:39 -0000)]
added three mobike scenarios

13 years agooutput crl uri as a printable string instead of a binary blob
Andreas Steffen [Wed, 4 Jul 2007 13:36:41 +0000 (13:36 -0000)]
output crl uri as a printable string instead of a binary blob

13 years agoadded entrustVersInfo OID
Andreas Steffen [Wed, 4 Jul 2007 12:11:38 +0000 (12:11 -0000)]
added entrustVersInfo OID

13 years agoignoring unkown crl/ocsp uris
Martin Willi [Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)]
ignoring unkown crl/ocsp uris

13 years agousing correct nexthop for inserted route
Martin Willi [Wed, 4 Jul 2007 09:10:13 +0000 (09:10 -0000)]
using correct nexthop for inserted route

13 years agochanged mobike behavior to NOT use additional responder addresses until we have path...
Martin Willi [Wed, 4 Jul 2007 07:26:34 +0000 (07:26 -0000)]
changed mobike behavior to NOT use additional responder addresses until we have path discovery

13 years agofixed responder initiated CHILD_SA rekeying when using virtual IPs
Martin Willi [Wed, 4 Jul 2007 06:27:33 +0000 (06:27 -0000)]
fixed responder initiated CHILD_SA rekeying when using virtual IPs

13 years agodescribe eap option in ipsec.conf.5 man page
Andreas Steffen [Wed, 4 Jul 2007 05:42:58 +0000 (05:42 -0000)]
describe eap option in ipsec.conf.5 man page

13 years agocosmetics
Andreas Steffen [Wed, 4 Jul 2007 05:42:09 +0000 (05:42 -0000)]
cosmetics

13 years agoremoved the ipsec.conf version number
Andreas Steffen [Wed, 4 Jul 2007 05:41:51 +0000 (05:41 -0000)]
removed the ipsec.conf version number

13 years agofixed firewall script invocation when interface is not available anymore
Martin Willi [Tue, 3 Jul 2007 13:49:29 +0000 (13:49 -0000)]
fixed firewall script invocation when interface is not available anymore

13 years agoversion bumps
Andreas Steffen [Tue, 3 Jul 2007 13:08:13 +0000 (13:08 -0000)]
version bumps

13 years agorecognize strongswan-2.8.6 VID
Andreas Steffen [Tue, 3 Jul 2007 13:06:27 +0000 (13:06 -0000)]
recognize strongswan-2.8.6 VID

13 years agostarter bug fix and pkcs11initargs patch by Robert Varga
Andreas Steffen [Tue, 3 Jul 2007 12:51:29 +0000 (12:51 -0000)]
starter bug fix and pkcs11initargs patch by Robert Varga

13 years agoimproved MOBIKE:
Martin Willi [Tue, 3 Jul 2007 12:32:38 +0000 (12:32 -0000)]
improved MOBIKE:
  prefer address family already used
  do not change address implicit when mobike supported
  handle multiple simultaneous roaming requests more properly
  proper enabling/disabling of UDP encapsulation

13 years agosupport of PKCS#11 init arguments required by NSS softoken, patch contributed by...
Andreas Steffen [Tue, 3 Jul 2007 09:33:02 +0000 (09:33 -0000)]
support of PKCS#11 init arguments required by NSS softoken, patch contributed by Robert Varga

13 years agosupport of PKCS#11 init arguments required by NSS softoken, patch contributed by...
Andreas Steffen [Tue, 3 Jul 2007 09:26:44 +0000 (09:26 -0000)]
support of PKCS#11 init arguments required by NSS softoken, patch contributed by Robert Varga

13 years agoadded message ID to message log
Martin Willi [Tue, 3 Jul 2007 09:00:16 +0000 (09:00 -0000)]
added message ID to message log

13 years agoshow kind of notify contained in messages in log
Martin Willi [Tue, 3 Jul 2007 08:50:14 +0000 (08:50 -0000)]
show kind of notify contained in messages in log

13 years agoDBG1 level for 'peer supports MOBIKE' debug message
Andreas Steffen [Mon, 2 Jul 2007 20:13:15 +0000 (20:13 -0000)]
DBG1 level for 'peer supports MOBIKE' debug message

13 years agofixed typo
Andreas Steffen [Mon, 2 Jul 2007 20:10:26 +0000 (20:10 -0000)]
fixed typo

13 years agocosmetics
Andreas Steffen [Mon, 2 Jul 2007 17:56:04 +0000 (17:56 -0000)]
cosmetics

13 years agofix of the bug fix, courtesy of Robert Varga
Andreas Steffen [Mon, 2 Jul 2007 17:48:30 +0000 (17:48 -0000)]
fix of the bug fix, courtesy of Robert Varga

13 years agobug fix courtesy of Robert Varga
Andreas Steffen [Mon, 2 Jul 2007 17:42:16 +0000 (17:42 -0000)]
bug fix courtesy of Robert Varga

13 years agoupdated documentation files
Martin Willi [Mon, 2 Jul 2007 12:55:43 +0000 (12:55 -0000)]
updated documentation files