strongswan.git
15 years agoupdated stroke to allow run-time manipulation of debug levels
Martin Willi [Wed, 18 Oct 2006 11:47:26 +0000 (11:47 -0000)]
updated stroke to allow run-time manipulation of debug levels

15 years agoadded charondebug config parameter to set debug level at startup
Martin Willi [Wed, 18 Oct 2006 11:46:57 +0000 (11:46 -0000)]
added charondebug config parameter to set debug level at startup

15 years agointroduced new logging subsystem using bus:
Martin Willi [Wed, 18 Oct 2006 11:46:13 +0000 (11:46 -0000)]
introduced new logging subsystem using bus:
  passive listeners can register on the bus
  active listeners wait for signals actively
  multiplexing allows multiple listeners to receive debug signals
  a lot more...

15 years agoinclude CREDITS file in distribution
Martin Willi [Wed, 18 Oct 2006 11:41:19 +0000 (11:41 -0000)]
include CREDITS file in distribution

15 years agomoved various scripts in scripts/ dir
Martin Willi [Wed, 18 Oct 2006 11:40:53 +0000 (11:40 -0000)]
moved various scripts in scripts/ dir
add configure script wrappers

15 years agoremoved txt files from doxygen
Martin Willi [Wed, 18 Oct 2006 11:39:12 +0000 (11:39 -0000)]
removed txt files from doxygen

15 years agoremoved module tests, outdated. We need something more system-test like
Martin Willi [Wed, 18 Oct 2006 11:38:43 +0000 (11:38 -0000)]
removed module tests, outdated. We need something more system-test like

15 years agoadded missing -DDEBUG compile option
Andreas Steffen [Wed, 18 Oct 2006 08:07:01 +0000 (08:07 -0000)]
added missing -DDEBUG compile option

15 years agofixed auxillary message data parsing for IPV6 socket
Martin Willi [Mon, 9 Oct 2006 12:28:43 +0000 (12:28 -0000)]
fixed auxillary message data parsing for IPV6 socket
using SOL_* constants for socket level

15 years agofixed IPV6_PKTINFO setsockopt() to work with most kernel headers
Martin Willi [Mon, 9 Oct 2006 12:14:56 +0000 (12:14 -0000)]
fixed IPV6_PKTINFO setsockopt() to work with most kernel headers
replaced strerror(errno) with %m printf specifier

15 years agoadded stronger certs for moon, carol, and dave
Andreas Steffen [Mon, 9 Oct 2006 08:25:20 +0000 (08:25 -0000)]
added stronger certs for moon, carol, and dave

15 years agoadded IPv6 hw and multicast addresses
Andreas Steffen [Mon, 9 Oct 2006 08:24:49 +0000 (08:24 -0000)]
added IPv6 hw and multicast addresses

15 years agoadapted to new tcpdump ipv6 output
Andreas Steffen [Mon, 9 Oct 2006 08:23:38 +0000 (08:23 -0000)]
adapted to new tcpdump ipv6 output

15 years agomulti-level-ca scenarios use unencrypted private key
Andreas Steffen [Mon, 9 Oct 2006 08:23:11 +0000 (08:23 -0000)]
multi-level-ca scenarios use unencrypted private key

15 years agoadded scenario
Andreas Steffen [Mon, 9 Oct 2006 08:20:01 +0000 (08:20 -0000)]
added scenario

15 years agofixed timing
Andreas Steffen [Fri, 6 Oct 2006 07:57:25 +0000 (07:57 -0000)]
fixed timing

15 years agonew gentoo root file system
Andreas Steffen [Fri, 6 Oct 2006 07:54:07 +0000 (07:54 -0000)]
new gentoo root file system

15 years agofixed bug with openldap 2.3
Andreas Steffen [Fri, 6 Oct 2006 07:48:24 +0000 (07:48 -0000)]
fixed bug with openldap 2.3

15 years agoremoved ipsec.conf version information
Andreas Steffen [Fri, 6 Oct 2006 07:47:11 +0000 (07:47 -0000)]
removed ipsec.conf version information

15 years agocarolKey.pem is now protected by 3DES passphrase
Andreas Steffen [Fri, 6 Oct 2006 07:45:42 +0000 (07:45 -0000)]
carolKey.pem is now protected by 3DES passphrase

15 years agoupdated net runlevel scripts
Andreas Steffen [Fri, 6 Oct 2006 07:43:31 +0000 (07:43 -0000)]
updated net runlevel scripts

15 years agoupdated net init scripts
Andreas Steffen [Fri, 6 Oct 2006 07:42:17 +0000 (07:42 -0000)]
updated net init scripts

15 years agonew net configuration format
Andreas Steffen [Fri, 6 Oct 2006 07:40:39 +0000 (07:40 -0000)]
new net configuration format

15 years agoHW addresses must be predefined
Andreas Steffen [Fri, 6 Oct 2006 07:32:02 +0000 (07:32 -0000)]
HW addresses must be predefined

15 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:24:41 +0000 (07:24 -0000)]
cosmetics

15 years agoadded USE_LIBCURL
Andreas Steffen [Fri, 6 Oct 2006 07:24:05 +0000 (07:24 -0000)]
added USE_LIBCURL

15 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:23:39 +0000 (07:23 -0000)]
cosmetics

15 years agofound libraries are not appended to LIBS anymore
Andreas Steffen [Fri, 6 Oct 2006 07:22:38 +0000 (07:22 -0000)]
found libraries are not appended to LIBS anymore

15 years agoversion bump to 4.0.5
Andreas Steffen [Tue, 3 Oct 2006 06:52:31 +0000 (06:52 -0000)]
version bump to 4.0.5

15 years agofixed DPD to survive IKE_SA rekeying
Martin Willi [Thu, 28 Sep 2006 06:57:46 +0000 (06:57 -0000)]
fixed DPD to survive IKE_SA rekeying

15 years ago(no commit message)
Martin Willi [Wed, 27 Sep 2006 14:15:49 +0000 (14:15 -0000)]

15 years agointroduced printf() specifiers for:
Martin Willi [Wed, 27 Sep 2006 14:14:44 +0000 (14:14 -0000)]
introduced printf() specifiers for:
  host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there

15 years agoadded often used RFCs and drafts
Martin Willi [Wed, 27 Sep 2006 14:10:32 +0000 (14:10 -0000)]
added often used RFCs and drafts

15 years agoDES for private key encryption is not supported
Andreas Steffen [Mon, 25 Sep 2006 07:31:02 +0000 (07:31 -0000)]
DES for private key encryption is not supported

15 years agoupdated NEWS and ChangeLog for 4.0.4 release
Martin Willi [Mon, 25 Sep 2006 07:26:16 +0000 (07:26 -0000)]
updated NEWS and ChangeLog for 4.0.4 release

15 years agofixed retransmission policy for responder
Martin Willi [Mon, 25 Sep 2006 07:24:08 +0000 (07:24 -0000)]
fixed retransmission policy for responder

15 years agofixed dpd for responder
Martin Willi [Mon, 25 Sep 2006 06:38:58 +0000 (06:38 -0000)]
fixed dpd for responder

15 years agoadded ID_ANY check to matches_binary()
Andreas Steffen [Mon, 25 Sep 2006 06:19:40 +0000 (06:19 -0000)]
added ID_ANY check to matches_binary()

15 years agoreplaced 'missing value' warning by zero length chunk_t value
Andreas Steffen [Mon, 25 Sep 2006 06:18:45 +0000 (06:18 -0000)]
replaced 'missing value' warning by zero length chunk_t value

15 years agodefined maximum hash size
Andreas Steffen [Mon, 25 Sep 2006 06:15:57 +0000 (06:15 -0000)]
defined maximum hash size

15 years agosupport of AES-192-CBC private key encryption
Andreas Steffen [Mon, 25 Sep 2006 06:13:21 +0000 (06:13 -0000)]
support of AES-192-CBC private key encryption

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:12:22 +0000 (06:12 -0000)]
added hostaccess support

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:11:36 +0000 (06:11 -0000)]
added hostaccess support

15 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 06:11:09 +0000 (06:11 -0000)]
moved auth_method to policy

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:28 +0000 (06:10 -0000)]
added hostaccess support

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:02 +0000 (06:10 -0000)]
added hostaccess support

15 years agomore consistent authentication logging
Andreas Steffen [Mon, 25 Sep 2006 05:59:38 +0000 (05:59 -0000)]
more consistent authentication logging

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:58:45 +0000 (05:58 -0000)]
added hostaccess support

15 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:50 +0000 (05:52 -0000)]
moved auth_method to policy

15 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:13 +0000 (05:52 -0000)]
moved auth_method to policy

15 years agoadded hostaccess support; moved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:51:16 +0000 (05:51 -0000)]
added hostaccess support; moved auth_method to policy

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:49:36 +0000 (05:49 -0000)]
added hostaccess support

15 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:46:56 +0000 (05:46 -0000)]
added hostaccess support

15 years agoadded new test scenarios
Andreas Steffen [Mon, 25 Sep 2006 05:42:13 +0000 (05:42 -0000)]
added new test scenarios

15 years agofixed some compiler warnings 4.0.4
Martin Willi [Thu, 21 Sep 2006 09:17:13 +0000 (09:17 -0000)]
fixed some compiler warnings

15 years agoextended statusall output
Martin Willi [Thu, 21 Sep 2006 07:03:21 +0000 (07:03 -0000)]
extended statusall output
  added job/event-queue statistics
  added allocation statistics when using LEAK_DETECTIVE

15 years agofixed include typo
Martin Willi [Thu, 21 Sep 2006 05:55:07 +0000 (05:55 -0000)]
fixed include typo

15 years agopublic declaration of all HASH_SIZEs in hasher.h
Martin Willi [Wed, 20 Sep 2006 06:45:19 +0000 (06:45 -0000)]
public declaration of all HASH_SIZEs in hasher.h

15 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:54 +0000 (05:48 -0000)]
support of encrypted private key files

15 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:27 +0000 (05:48 -0000)]
support of encrypted private key files

15 years agoadded copyright notice to sha2_hasher
Martin Willi [Tue, 19 Sep 2006 14:54:01 +0000 (14:54 -0000)]
added copyright notice to sha2_hasher
included SHA2 in build process

15 years agoimplemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512
Martin Willi [Tue, 19 Sep 2006 14:49:47 +0000 (14:49 -0000)]
implemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512

15 years agoadded support for 3DES encryption algorithm in IKE
Martin Willi [Tue, 19 Sep 2006 11:18:35 +0000 (11:18 -0000)]
added support for 3DES encryption algorithm in IKE

15 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:17:06 +0000 (06:17 -0000)]
fixed the ids parsing bug

15 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:16:48 +0000 (06:16 -0000)]
fixed the ids parsing bug

15 years agoupdated TODOs
Martin Willi [Mon, 18 Sep 2006 11:41:04 +0000 (11:41 -0000)]
updated TODOs

15 years agofixed memleak
Martin Willi [Mon, 18 Sep 2006 11:39:53 +0000 (11:39 -0000)]
fixed memleak
fixed proper handling of id parsing errors
proper return value when no PSK found

15 years agoadded HOST_ACCESS for firewall script as default
Martin Willi [Mon, 18 Sep 2006 11:38:37 +0000 (11:38 -0000)]
added HOST_ACCESS for firewall script as default

15 years agomore debugging output for PSK authentication
Martin Willi [Mon, 18 Sep 2006 11:38:11 +0000 (11:38 -0000)]
more debugging output for PSK authentication

15 years agosome cleanups here and there
Martin Willi [Mon, 18 Sep 2006 11:37:40 +0000 (11:37 -0000)]
some cleanups here and there

15 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:46:16 +0000 (07:46 -0000)]
added auth_method field

15 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:45:16 +0000 (07:45 -0000)]
added auth_method field

15 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:44:41 +0000 (07:44 -0000)]
cosmetics

15 years agoverify_emsa_pkcs1_signature returns status_t
Andreas Steffen [Mon, 18 Sep 2006 07:44:16 +0000 (07:44 -0000)]
verify_emsa_pkcs1_signature returns status_t

15 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:43:44 +0000 (07:43 -0000)]
cosmetics

15 years agoadded PSK support
Andreas Steffen [Mon, 18 Sep 2006 07:42:57 +0000 (07:42 -0000)]
added PSK support

15 years agoenabled firewall support
Andreas Steffen [Mon, 18 Sep 2006 07:41:54 +0000 (07:41 -0000)]
enabled firewall support

15 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:22 +0000 (07:41 -0000)]
added

15 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:09 +0000 (07:41 -0000)]
added

15 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:40:37 +0000 (07:40 -0000)]
added

15 years agoproper error handling for socket creation
Martin Willi [Mon, 18 Sep 2006 06:44:38 +0000 (06:44 -0000)]
proper error handling for socket creation

15 years agohandle certificate parsing error more generous
Martin Willi [Thu, 14 Sep 2006 13:14:58 +0000 (13:14 -0000)]
handle certificate parsing error more generous

15 years agofixed certificate verification bug!
Martin Willi [Thu, 14 Sep 2006 12:22:08 +0000 (12:22 -0000)]
fixed certificate verification bug!

15 years agofixed memleak when receiving invalid certificate
Martin Willi [Thu, 14 Sep 2006 12:15:41 +0000 (12:15 -0000)]
fixed memleak when receiving invalid certificate

15 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:47:21 +0000 (06:47 -0000)]
version bump to 4.0.4

15 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:45:16 +0000 (06:45 -0000)]
version bump to 4.0.4

15 years agotwo new test scenarios
Andreas Steffen [Thu, 14 Sep 2006 06:39:14 +0000 (06:39 -0000)]
two new test scenarios

15 years agofixed path to images directory
Andreas Steffen [Thu, 14 Sep 2006 06:38:50 +0000 (06:38 -0000)]
fixed path to images directory

15 years agoimplemented updown script to handle firewalling
Martin Willi [Tue, 12 Sep 2006 13:50:14 +0000 (13:50 -0000)]
implemented updown script to handle firewalling

15 years agoadd priority management for kernel policy
Martin Willi [Fri, 8 Sep 2006 13:10:52 +0000 (13:10 -0000)]
add priority management for kernel policy
let ROUTED policies installed, until manuall removed
introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs
ike_sa_manager cleanups

15 years agoimplemented handling of dpdaction and dpddelay ipsec.conf parameters
Martin Willi [Fri, 8 Sep 2006 06:12:02 +0000 (06:12 -0000)]
implemented handling of dpdaction and dpddelay ipsec.conf parameters

15 years agoreuse reqid when a ROUTED child_sa gets INSTALLED
Martin Willi [Tue, 5 Sep 2006 14:07:25 +0000 (14:07 -0000)]
reuse reqid when a ROUTED child_sa gets INSTALLED
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes

15 years agofixed a at-least-one-year-old bug which caused crashed in the scheduler
Martin Willi [Thu, 31 Aug 2006 06:48:10 +0000 (06:48 -0000)]
fixed a at-least-one-year-old bug which caused crashed in the scheduler

15 years agoadded raw socket filter for IPv6
Martin Willi [Thu, 31 Aug 2006 06:18:15 +0000 (06:18 -0000)]
added raw socket filter for IPv6

15 years agoimplemented NAT detection for IPv6
Martin Willi [Thu, 31 Aug 2006 06:17:41 +0000 (06:17 -0000)]
implemented NAT detection for IPv6

15 years agoremoved unneeded constructor
Martin Willi [Thu, 31 Aug 2006 06:16:52 +0000 (06:16 -0000)]
removed unneeded constructor

15 years agoinitial support for IPv6 (more testing needed)
Martin Willi [Wed, 30 Aug 2006 17:12:56 +0000 (17:12 -0000)]
initial support for IPv6 (more testing needed)
  socket works (without v6 filter)
  traffic selector handle IPv4/v4 cleanly
    improvements in traffic selector code
  kernel interface accepts v6 traffic selectors and hosts
  host_t class has full IPv6 support

15 years agoadded stddef.h include for compilers which do not support the offsetof() directive
Martin Willi [Mon, 28 Aug 2006 09:02:51 +0000 (09:02 -0000)]
added stddef.h include for compilers which do not support the offsetof() directive

15 years agomoved interface enumeration code to socket, where it belongs
Martin Willi [Mon, 28 Aug 2006 08:45:22 +0000 (08:45 -0000)]
moved interface enumeration code to socket, where it belongs
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"

15 years agoversion bump of UML kernel to 2.6.17.11
Andreas Steffen [Fri, 25 Aug 2006 09:25:12 +0000 (09:25 -0000)]
version bump of UML kernel to 2.6.17.11