strongswan.git
9 years agoFinalized State class implementations for Attestation IMV/C
Sansar Choinyambuu [Wed, 17 Aug 2011 14:36:11 +0000 (16:36 +0200)]
Finalized State class implementations for Attestation IMV/C

9 years agoCorrected typo
Sansar Choinyambuu [Wed, 17 Aug 2011 14:35:35 +0000 (16:35 +0200)]
Corrected typo

9 years agoModified the handling switch for Attributes reception on Attestation IMV/C
Sansar Choinyambuu [Fri, 12 Aug 2011 12:46:28 +0000 (14:46 +0200)]
Modified the handling switch for Attributes reception on Attestation IMV/C

9 years agoImplemented TCG PTS File Measurement attribute
Sansar Choinyambuu [Fri, 12 Aug 2011 12:09:33 +0000 (14:09 +0200)]
Implemented TCG PTS File Measurement attribute

9 years agoCorrected wrong parameter name
Sansar Choinyambuu [Fri, 12 Aug 2011 12:08:47 +0000 (14:08 +0200)]
Corrected wrong parameter name

9 years agoImplemented TCG PTS Simple Evidence Final and Request File Measurement attributes
Sansar Choinyambuu [Fri, 12 Aug 2011 08:56:02 +0000 (10:56 +0200)]
Implemented TCG PTS Simple Evidence Final and Request File Measurement attributes

9 years agoImplemented TCG PTS Simple Evidence Final and Request File Measurement attributes
Sansar Choinyambuu [Fri, 12 Aug 2011 08:54:58 +0000 (10:54 +0200)]
Implemented TCG PTS Simple Evidence Final and Request File Measurement attributes

9 years agoChanged the type of hash algorithm to the enum variable
Sansar Choinyambuu [Fri, 12 Aug 2011 08:54:01 +0000 (10:54 +0200)]
Changed the type of hash algorithm to the enum variable
Replaced the values of flag enum variables

9 years agoImplemented TCG PTS Simple Component Evidence Attribute
Sansar Choinyambuu [Wed, 10 Aug 2011 14:44:12 +0000 (16:44 +0200)]
Implemented TCG PTS Simple Component Evidence Attribute

9 years agoUse chunk_t.len instead of sizeof function
Sansar Choinyambuu [Wed, 10 Aug 2011 14:42:57 +0000 (16:42 +0200)]
Use chunk_t.len instead of sizeof function
Bit 0 for the flag fields is the most significant field

9 years agoChanged the type of name field to corresponding enum type
Sansar Choinyambuu [Wed, 10 Aug 2011 08:36:42 +0000 (10:36 +0200)]
Changed the type of name field to corresponding enum type

9 years agoFinalized the implementation of TCG PTS Request Functional Component Evidence Attribute
Sansar Choinyambuu [Wed, 10 Aug 2011 08:25:53 +0000 (10:25 +0200)]
Finalized the implementation of TCG PTS Request Functional Component Evidence Attribute

9 years agoImplemented TCG PTS Generate Attestation Evidence attribute
Sansar Choinyambuu [Mon, 8 Aug 2011 14:49:43 +0000 (16:49 +0200)]
Implemented TCG PTS Generate Attestation Evidence attribute
Added two new Attributes to sources in Makefile

9 years agoDraft version of TCG PTS Request Function Component Evidence Attribute
Sansar Choinyambuu [Mon, 8 Aug 2011 14:42:13 +0000 (16:42 +0200)]
Draft version of TCG PTS Request Function Component Evidence Attribute

9 years agoCommented compiler options Wall Werror for Makefile
Sansar Choinyambuu [Mon, 8 Aug 2011 14:40:59 +0000 (16:40 +0200)]
Commented compiler options Wall Werror for Makefile
Corrected bit 0 for AIK flags to be least significant bit

9 years agoDebugged TCG PTS attributes implementations
Sansar Choinyambuu [Mon, 8 Aug 2011 11:34:13 +0000 (13:34 +0200)]
Debugged TCG PTS attributes implementations

9 years agoChanges according to the new PTS Attributes addition
Sansar Choinyambuu [Fri, 5 Aug 2011 15:46:30 +0000 (17:46 +0200)]
Changes according to the new PTS Attributes addition

9 years agoImplemented TCG PTS Attributes
Sansar Choinyambuu [Fri, 5 Aug 2011 15:42:16 +0000 (17:42 +0200)]
Implemented TCG PTS Attributes

9 years agochanged DBG_IMC to DBG_IMV
Andreas Steffen [Wed, 3 Aug 2011 08:40:36 +0000 (10:40 +0200)]
changed DBG_IMC to DBG_IMV

9 years agoadded support of INVALID_PARAMETER PA-Error
Andreas Steffen [Wed, 3 Aug 2011 08:38:44 +0000 (10:38 +0200)]
added support of INVALID_PARAMETER PA-Error

9 years agoIMC/IMV directory change to imcvs
Andreas Steffen [Wed, 3 Aug 2011 08:37:37 +0000 (10:37 +0200)]
IMC/IMV directory change to imcvs

9 years agoremoved conflicts
Andreas Steffen [Wed, 3 Aug 2011 08:35:58 +0000 (10:35 +0200)]
removed conflicts

9 years agoadded missing endif in Makefile
Andreas Steffen [Wed, 3 Aug 2011 08:35:20 +0000 (10:35 +0200)]
added missing endif in Makefile

9 years agocorrected typo
Andreas Steffen [Fri, 24 Jun 2011 15:48:01 +0000 (17:48 +0200)]
corrected typo

9 years agoparameters of change_state() method changed
Andreas Steffen [Fri, 24 Jun 2011 15:47:41 +0000 (17:47 +0200)]
parameters of change_state() method changed

9 years agoAttestation IMC/IMV pair uses TCG_PTS subtype
Andreas Steffen [Fri, 24 Jun 2011 15:41:58 +0000 (17:41 +0200)]
Attestation IMC/IMV pair uses TCG_PTS subtype

9 years agochanged copyright to Sansar
Andreas Steffen [Tue, 21 Jun 2011 07:35:56 +0000 (09:35 +0200)]
changed copyright to Sansar

9 years agoprepare automatic parsing of TCG PTS attributes
Andreas Steffen [Mon, 20 Jun 2011 14:52:31 +0000 (16:52 +0200)]
prepare automatic parsing of TCG PTS attributes

9 years agocreated empty imc_attestation and imv_attestation plugin hulls
Andreas Steffen [Mon, 20 Jun 2011 14:30:23 +0000 (16:30 +0200)]
created empty imc_attestation and imv_attestation plugin hulls

9 years agoNetworkManager-strongSwan Debian release 1.3.0
Martin Willi [Wed, 7 Sep 2011 13:39:36 +0000 (15:39 +0200)]
NetworkManager-strongSwan Debian release 1.3.0

9 years agoFixed compiler warnings in openssl plugin
Martin Willi [Wed, 7 Sep 2011 12:23:27 +0000 (14:23 +0200)]
Fixed compiler warnings in openssl plugin

9 years agoMigrated NM frontend plugin to NetworkManager 0.9
Martin Willi [Mon, 5 Sep 2011 15:12:04 +0000 (17:12 +0200)]
Migrated NM frontend plugin to NetworkManager 0.9

Use GtkBuilder, drop gconf dependency.

9 years agoRemove obsolete values from builder_part_names
Thomas Egerer [Thu, 1 Sep 2011 12:18:24 +0000 (14:18 +0200)]
Remove obsolete values from builder_part_names

Adds removal of builder parts obsoleted with git commit
15177f5785bcec6700f2a1a698cd8392c9bba5e9.

9 years agoSupport resolution of "allow_any" DNS names in charon (%hostname)
Martin Willi [Fri, 2 Sep 2011 11:42:45 +0000 (13:42 +0200)]
Support resolution of "allow_any" DNS names in charon (%hostname)

9 years agoCheck if ClearSilver actually requires zlib
Martin Willi [Thu, 1 Sep 2011 11:23:37 +0000 (13:23 +0200)]
Check if ClearSilver actually requires zlib

9 years agoadded tnc-ifmap.ssl_passphrase to strongswan.conf
Andreas Steffen [Fri, 2 Sep 2011 04:38:39 +0000 (06:38 +0200)]
added tnc-ifmap.ssl_passphrase to strongswan.conf

9 years agoRenamed 'use' database column as that is a keyword in MySQL.
Tobias Brunner [Thu, 1 Sep 2011 07:57:03 +0000 (09:57 +0200)]
Renamed 'use' database column as that is a keyword in MySQL.

Reported by Stefan Tomas.

9 years agoProperly remove listener when listen() times out
Martin Willi [Wed, 31 Aug 2011 14:42:02 +0000 (16:42 +0200)]
Properly remove listener when listen() times out

9 years agostarter passes unresolved DNS names to charon
Martin Willi [Mon, 29 Aug 2011 07:58:18 +0000 (09:58 +0200)]
starter passes unresolved DNS names to charon

Based on an initial patch by Mirko Parthey.

9 years agoFix file descriptor leak
Thomas Jarosch [Fri, 26 Aug 2011 18:57:10 +0000 (20:57 +0200)]
Fix file descriptor leak

Credit goes to "cppcheck".

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
9 years agoRemove redundant assignment
Thomas Jarosch [Fri, 26 Aug 2011 18:56:38 +0000 (20:56 +0200)]
Remove redundant assignment

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
9 years agoFix file descriptor leak on error
Thomas Jarosch [Fri, 26 Aug 2011 18:55:55 +0000 (20:55 +0200)]
Fix file descriptor leak on error

Credit goes to cppcheck.

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
9 years agobus->listen() and the controller wrappers accept a timeout to wait for callbacks
Martin Willi [Fri, 26 Aug 2011 08:42:42 +0000 (10:42 +0200)]
bus->listen() and the controller wrappers accept a timeout to wait for callbacks

9 years agosupport optional SSL passphrase for Axis2/C connection
Andreas Steffen [Wed, 24 Aug 2011 19:27:34 +0000 (21:27 +0200)]
support optional SSL passphrase for Axis2/C connection

9 years agoRegister manager of pkcs11 plugin as library object
Martin Willi [Wed, 24 Aug 2011 13:45:59 +0000 (15:45 +0200)]
Register manager of pkcs11 plugin as library object

9 years agolog entry for outbound hash-and-url
Andreas Steffen [Wed, 24 Aug 2011 04:05:27 +0000 (06:05 +0200)]
log entry for outbound hash-and-url

9 years agoauto-detect OS name
Riaan Kruger [Tue, 23 Aug 2011 05:54:15 +0000 (07:54 +0200)]
auto-detect OS name

9 years agoAdded a certexpire empty_string option
Martin Willi [Fri, 19 Aug 2011 07:12:54 +0000 (09:12 +0200)]
Added a certexpire empty_string option

9 years agoImplemented CSV export functionality in certexpire plugin
Martin Willi [Fri, 5 Aug 2011 09:31:33 +0000 (11:31 +0200)]
Implemented CSV export functionality in certexpire plugin

9 years agoAdded generic cron style callback execution to certexpire plugin
Martin Willi [Thu, 4 Aug 2011 15:31:54 +0000 (17:31 +0200)]
Added generic cron style callback execution to certexpire plugin

9 years agoCache trustchain lifetimes for export
Martin Willi [Thu, 4 Aug 2011 13:09:55 +0000 (15:09 +0200)]
Cache trustchain lifetimes for export

9 years agoRegister a certexpire listener collecting trustchain information
Martin Willi [Thu, 4 Aug 2011 09:52:57 +0000 (11:52 +0200)]
Register a certexpire listener collecting trustchain information

9 years agoAdded missing auth_rule_names
Martin Willi [Thu, 4 Aug 2011 08:29:23 +0000 (10:29 +0200)]
Added missing auth_rule_names

9 years agoMoved auth_rule_names back to auth_cfg.c
Martin Willi [Thu, 4 Aug 2011 08:27:05 +0000 (10:27 +0200)]
Moved auth_rule_names back to auth_cfg.c

9 years agoAdded plugin stub of certexpire plugin
Martin Willi [Wed, 3 Aug 2011 13:16:41 +0000 (15:16 +0200)]
Added plugin stub of certexpire plugin

9 years agoDon't rekey but delete CHILD_SA to resying against NATed Windows clients
Martin Willi [Wed, 10 Aug 2011 14:59:13 +0000 (16:59 +0200)]
Don't rekey but delete CHILD_SA to resying against NATed Windows clients

9 years agoSync newer IKE_SA condition/extension flags in ha plugin
Martin Willi [Wed, 10 Aug 2011 14:58:46 +0000 (16:58 +0200)]
Sync newer IKE_SA condition/extension flags in ha plugin

9 years agoTry to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute
Martin Willi [Wed, 10 Aug 2011 14:57:59 +0000 (16:57 +0200)]
Try to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute

9 years agoshortened XAUTH and UNITY attribute short names
Andreas Steffen [Tue, 16 Aug 2011 21:37:09 +0000 (23:37 +0200)]
shortened XAUTH and UNITY attribute short names

9 years agofix double delete of old IKE_SA during reauthentication
Andreas Steffen [Tue, 16 Aug 2011 21:25:45 +0000 (23:25 +0200)]
fix double delete of old IKE_SA during reauthentication

9 years agoincreased message buffer to cope with NCP's innumerable UNITY Configuration Payloads
Andreas Steffen [Tue, 16 Aug 2011 21:22:20 +0000 (23:22 +0200)]
increased message buffer to cope with NCP's innumerable UNITY Configuration Payloads

9 years agosome more typos
Andreas Steffen [Mon, 15 Aug 2011 19:38:23 +0000 (21:38 +0200)]
some more typos

9 years agotypos: initator->initiator, authenticaion->authentication.
Tobias Brunner [Mon, 15 Aug 2011 14:31:04 +0000 (16:31 +0200)]
typos: initator->initiator, authenticaion->authentication.

9 years agopluto: Some whitespace cleanup.
Tobias Brunner [Fri, 12 Aug 2011 08:39:54 +0000 (10:39 +0200)]
pluto: Some whitespace cleanup.

9 years agoconverted libimcv into a dynamic library
Andreas Steffen [Sun, 14 Aug 2011 07:27:43 +0000 (09:27 +0200)]
converted libimcv into a dynamic library

9 years agoversion bump to 4.6.0dr3
Andreas Steffen [Sun, 14 Aug 2011 07:26:21 +0000 (09:26 +0200)]
version bump to 4.6.0dr3

9 years agoupdated strongswan.conf
Andreas Steffen [Fri, 12 Aug 2011 16:11:32 +0000 (18:11 +0200)]
updated strongswan.conf

9 years agoimplement MAP client certificate authentication
Andreas Steffen [Fri, 12 Aug 2011 13:16:05 +0000 (15:16 +0200)]
implement MAP client certificate authentication

9 years agocosmetics
Andreas Steffen [Fri, 12 Aug 2011 11:18:49 +0000 (13:18 +0200)]
cosmetics

9 years agoimplemented enforcement-report metadata
Andreas Steffen [Fri, 12 Aug 2011 11:16:02 +0000 (13:16 +0200)]
implemented enforcement-report metadata

9 years agouse EAP identity
Andreas Steffen [Fri, 12 Aug 2011 09:34:56 +0000 (11:34 +0200)]
use EAP identity

9 years agodefined mapping of IKEv2 identity types to IF-MAP identity types
Andreas Steffen [Fri, 12 Aug 2011 09:07:29 +0000 (11:07 +0200)]
defined mapping of IKEv2 identity types to IF-MAP identity types

9 years agoIf we close a duplicate SA, it is also no authentication failure.
Tobias Brunner [Fri, 12 Aug 2011 08:11:39 +0000 (10:11 +0200)]
If we close a duplicate SA, it is also no authentication failure.

9 years agoIf local authentication fails, it is not really a peer auth failure.
Tobias Brunner [Wed, 10 Aug 2011 15:42:30 +0000 (17:42 +0200)]
If local authentication fails, it is not really a peer auth failure.

9 years agoThrow an alert if authentication of the peer fails (not only for initiator).
Tobias Brunner [Wed, 10 Aug 2011 15:29:06 +0000 (17:29 +0200)]
Throw an alert if authentication of the peer fails (not only for initiator).

9 years agoThrow an alert when the peer address cannot be resolved during initiation.
Tobias Brunner [Wed, 10 Aug 2011 13:45:41 +0000 (15:45 +0200)]
Throw an alert when the peer address cannot be resolved during initiation.

9 years agoThrow an alert via bus_t when remote authentication fails.
Tobias Brunner [Wed, 10 Aug 2011 13:17:40 +0000 (15:17 +0200)]
Throw an alert via bus_t when remote authentication fails.

9 years agosupport capability metadata
Andreas Steffen [Thu, 11 Aug 2011 13:06:01 +0000 (15:06 +0200)]
support capability metadata

9 years agoVerify that executables are available and set (pluto|charon)start accordingly.
Tobias Brunner [Thu, 11 Aug 2011 11:38:05 +0000 (13:38 +0200)]
Verify that executables are available and set (pluto|charon)start accordingly.

Some distributions enable both daemons but then distribute the
executables in two separate packages.  If only one package is installed
but both daemons are enabled in ipsec.conf, starter will try to start
the non existing daemon over and over again, and will each time readd
the configs to the other daemon.

9 years agoversion bump to 4.6.0dr2
Andreas Steffen [Thu, 11 Aug 2011 05:56:42 +0000 (07:56 +0200)]
version bump to 4.6.0dr2

9 years agoadded tnc-ifmap attributes to manpage
Andreas Steffen [Wed, 10 Aug 2011 13:58:18 +0000 (15:58 +0200)]
added tnc-ifmap attributes to manpage

9 years agoversion bump to 4.6.0dr1
Andreas Steffen [Wed, 10 Aug 2011 07:28:31 +0000 (09:28 +0200)]
version bump to 4.6.0dr1

9 years agodefine server_cert in strongswan.conf
Andreas Steffen [Wed, 10 Aug 2011 04:13:21 +0000 (06:13 +0200)]
define server_cert in strongswan.conf

9 years agogetting rid of axis2.html configuration
Andreas Steffen [Tue, 9 Aug 2011 19:09:37 +0000 (21:09 +0200)]
getting rid of axis2.html configuration

9 years agooutput PEP device addresses as metadata
Andreas Steffen [Mon, 8 Aug 2011 18:13:32 +0000 (20:13 +0200)]
output PEP device addresses as metadata

9 years agoclassify an EAP identity as a username
Andreas Steffen [Mon, 8 Aug 2011 17:03:50 +0000 (19:03 +0200)]
classify an EAP identity as a username

9 years agorefactoring of tnc-ifmap plugin
Andreas Steffen [Mon, 8 Aug 2011 15:48:56 +0000 (17:48 +0200)]
refactoring of tnc-ifmap plugin

9 years agopublish all IKE_SA metadata after tnc-ifmap plugin reload
Andreas Steffen [Mon, 8 Aug 2011 07:49:35 +0000 (09:49 +0200)]
publish all IKE_SA metadata after tnc-ifmap plugin reload

9 years agoimplemented tnc-ifmap reload method
Andreas Steffen [Mon, 8 Aug 2011 06:48:18 +0000 (08:48 +0200)]
implemented tnc-ifmap reload method

9 years agomoved ifmap code into tnc_ifmap_soap
Andreas Steffen [Mon, 8 Aug 2011 06:29:43 +0000 (08:29 +0200)]
moved ifmap code into tnc_ifmap_soap

9 years agofree device_name in destroy()
Andreas Steffen [Sun, 7 Aug 2011 22:19:08 +0000 (00:19 +0200)]
free device_name in destroy()

9 years agoset device_name via strongswan.conf
Andreas Steffen [Sun, 7 Aug 2011 22:13:36 +0000 (00:13 +0200)]
set device_name via strongswan.conf

9 years agofixed delete filters
Andreas Steffen [Sun, 7 Aug 2011 21:41:05 +0000 (23:41 +0200)]
fixed delete filters

9 years agocheck for publishReceived response
Andreas Steffen [Sun, 7 Aug 2011 20:40:21 +0000 (22:40 +0200)]
check for publishReceived response

9 years agoadded authenticated-by metadata
Andreas Steffen [Sun, 7 Aug 2011 17:54:43 +0000 (19:54 +0200)]
added authenticated-by metadata

9 years agofirst working publish of metadata
Andreas Steffen [Sun, 7 Aug 2011 15:04:02 +0000 (17:04 +0200)]
first working publish of metadata

9 years agoadded some XML syntax checking
Andreas Steffen [Sat, 6 Aug 2011 22:21:15 +0000 (00:21 +0200)]
added some XML syntax checking

9 years agoimplemented purgePublisher command
Andreas Steffen [Sat, 6 Aug 2011 14:33:28 +0000 (16:33 +0200)]
implemented purgePublisher command

9 years agofixed typo
Andreas Steffen [Fri, 5 Aug 2011 23:02:40 +0000 (01:02 +0200)]
fixed typo

9 years agocombined newSession and newSessionResult
Andreas Steffen [Fri, 5 Aug 2011 22:50:29 +0000 (00:50 +0200)]
combined newSession and newSessionResult