strongswan.git
13 years agoadded multi-level-ca-ldap scenario
Andreas Steffen [Fri, 18 May 2007 12:23:31 +0000 (12:23 -0000)]
added multi-level-ca-ldap scenario

13 years agoadded multi-level-ca scenario
Andreas Steffen [Fri, 18 May 2007 12:23:10 +0000 (12:23 -0000)]
added multi-level-ca scenario

13 years agoca-based policy now requires rightca=%any in the two-certs scenario
Andreas Steffen [Fri, 18 May 2007 10:53:58 +0000 (10:53 -0000)]
ca-based policy now requires rightca=%any in the two-certs scenario

13 years agoadd is_ca() method
Andreas Steffen [Fri, 18 May 2007 10:16:10 +0000 (10:16 -0000)]
add is_ca() method

13 years agoadded set_ca_info() and get_ca_info() methods
Andreas Steffen [Fri, 18 May 2007 10:15:23 +0000 (10:15 -0000)]
added set_ca_info() and get_ca_info() methods

13 years agooutput of eap_type_names requires %N format
Andreas Steffen [Fri, 18 May 2007 10:14:01 +0000 (10:14 -0000)]
output of eap_type_names requires %N format

13 years agoadded set_other_ca() and get_other_ca()
Andreas Steffen [Thu, 17 May 2007 17:55:29 +0000 (17:55 -0000)]
added set_other_ca() and get_other_ca()

13 years agoadded set_other_ca() and get_other_ca()
Andreas Steffen [Thu, 17 May 2007 17:55:02 +0000 (17:55 -0000)]
added set_other_ca() and get_other_ca()

13 years agoexport MAX_CA_PATH_LEN
Andreas Steffen [Thu, 17 May 2007 17:19:09 +0000 (17:19 -0000)]
export MAX_CA_PATH_LEN

13 years agocheck self-signedness of certificate at creation time
Andreas Steffen [Thu, 17 May 2007 17:18:38 +0000 (17:18 -0000)]
check self-signedness of certificate at creation time

13 years agoremoved route_job, handled all in interface_manager
Martin Willi [Wed, 16 May 2007 08:49:10 +0000 (08:49 -0000)]
removed route_job, handled all in interface_manager

13 years agorouting/unrouting through interface
Martin Willi [Wed, 16 May 2007 08:32:15 +0000 (08:32 -0000)]
routing/unrouting through interface

13 years agoremoved dead folder
Martin Willi [Wed, 16 May 2007 06:42:52 +0000 (06:42 -0000)]
removed dead folder

13 years agohierarchical display of tests
Andreas Steffen [Tue, 15 May 2007 20:30:21 +0000 (20:30 -0000)]
hierarchical display of tests

13 years agomultiple peer certificate support
Andreas Steffen [Tue, 15 May 2007 19:07:38 +0000 (19:07 -0000)]
multiple peer certificate support

13 years agoremoved reference to radij.c code
Andreas Steffen [Tue, 15 May 2007 19:06:05 +0000 (19:06 -0000)]
removed reference to radij.c code

13 years agoauthentication failure is handled in ike_auth.c
Andreas Steffen [Tue, 15 May 2007 19:05:26 +0000 (19:05 -0000)]
authentication failure is handled in ike_auth.c

13 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 19:04:15 +0000 (19:04 -0000)]
cosmetics

13 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 19:03:23 +0000 (19:03 -0000)]
cosmetics

13 years agoadded two-certs scenario
Andreas Steffen [Tue, 15 May 2007 15:54:06 +0000 (15:54 -0000)]
added two-certs scenario

13 years agoadapted authentication failure text to those in the authenticators
Andreas Steffen [Tue, 15 May 2007 14:52:44 +0000 (14:52 -0000)]
adapted authentication failure text to those in the authenticators

13 years agoverification of locally loaded peer certificates
Andreas Steffen [Tue, 15 May 2007 14:51:04 +0000 (14:51 -0000)]
verification of locally loaded peer certificates

13 years agosupport of multiple certificates with same peer id
Andreas Steffen [Tue, 15 May 2007 12:46:05 +0000 (12:46 -0000)]
support of multiple certificates with same peer id

13 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 12:45:19 +0000 (12:45 -0000)]
cosmetics

13 years agoworking dummy for NetworkManager DBUS interface
Martin Willi [Mon, 14 May 2007 13:22:04 +0000 (13:22 -0000)]
working dummy for NetworkManager DBUS interface
  more a tech demo

13 years agoversion bump to 4.1.3
Andreas Steffen [Thu, 10 May 2007 12:40:09 +0000 (12:40 -0000)]
version bump to 4.1.3

13 years agosimplified capability dropping
Martin Willi [Wed, 9 May 2007 13:12:06 +0000 (13:12 -0000)]
simplified capability dropping

13 years agoproperly implemented interface_managers initiate, terminte_[ike|child]
Martin Willi [Wed, 9 May 2007 12:33:08 +0000 (12:33 -0000)]
properly implemented interface_managers initiate, terminte_[ike|child]
proper thread release when stroke is CTRL+C'ed
fixed some permission issues

13 years agoproperly ignoring signals rised by a thread which is in listening state
Martin Willi [Tue, 8 May 2007 12:58:33 +0000 (12:58 -0000)]
properly ignoring signals rised by a thread which is in listening state

13 years agochanging UID/GID after startup of pluto/charon
Martin Willi [Mon, 7 May 2007 12:38:46 +0000 (12:38 -0000)]
changing UID/GID after startup of pluto/charon
added --with-uid/--with-gid configure option

13 years agoextended interface_manager (more work needed here)
Martin Willi [Thu, 3 May 2007 14:22:52 +0000 (14:22 -0000)]
extended interface_manager (more work needed here)

13 years agoallow to have listening state TRUE while sending singal ourself
Martin Willi [Thu, 3 May 2007 14:22:15 +0000 (14:22 -0000)]
allow to have listening state TRUE while sending singal ourself

13 years agoreducing capabilities of the threads to a minimum
Martin Willi [Thu, 3 May 2007 14:21:22 +0000 (14:21 -0000)]
reducing capabilities of the threads to a minimum
proper flush of pending packets on daemon shutdown
adding local address as gateway address in dynamic route

13 years agosetting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker
Martin Willi [Wed, 2 May 2007 09:59:47 +0000 (09:59 -0000)]
setting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker

13 years agoadded more API documentation to backends/interfaces
Martin Willi [Mon, 30 Apr 2007 10:23:01 +0000 (10:23 -0000)]
added more API documentation to backends/interfaces

13 years agoadded udp.h 4.1.2
Andreas Steffen [Sun, 29 Apr 2007 19:48:54 +0000 (19:48 -0000)]
added udp.h

13 years agofixed include
Andreas Steffen [Sun, 29 Apr 2007 19:31:27 +0000 (19:31 -0000)]
fixed include

13 years agolocal include of pfkeyv2.h and netlink.h
Andreas Steffen [Sun, 29 Apr 2007 19:23:56 +0000 (19:23 -0000)]
local include of pfkeyv2.h and netlink.h

13 years agoreverted to original header files
Andreas Steffen [Sun, 29 Apr 2007 18:19:02 +0000 (18:19 -0000)]
reverted to original header files

13 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:32:57 +0000 (21:32 -0000)]
actually not needed

13 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:19 +0000 (21:28 -0000)]
actually not needed

13 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:08 +0000 (21:28 -0000)]
actually not needed

13 years agoadded compiler.h filter.h in.h and udp.h to src/include/linux/
Andreas Steffen [Sat, 28 Apr 2007 21:18:56 +0000 (21:18 -0000)]
added compiler.h filter.h in.h and udp.h to src/include/linux/

13 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:23 +0000 (20:35 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

13 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:06 +0000 (20:35 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

13 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:33:19 +0000 (20:33 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

13 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:31:40 +0000 (20:31 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

13 years agoadded esp-alg-aesxcbc scenario
Andreas Steffen [Sat, 28 Apr 2007 20:01:06 +0000 (20:01 -0000)]
added esp-alg-aesxcbc scenario

13 years agofixed evaltest.dat
Andreas Steffen [Sat, 28 Apr 2007 20:00:39 +0000 (20:00 -0000)]
fixed evaltest.dat

13 years agocrlNumber is now listed by ipsec listcrls
Andreas Steffen [Fri, 27 Apr 2007 22:45:24 +0000 (22:45 -0000)]
crlNumber is now listed by ipsec listcrls

13 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:36:29 +0000 (22:36 -0000)]
list crlnumber

13 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:27:22 +0000 (22:27 -0000)]
list crlnumber

13 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:04:08 +0000 (22:04 -0000)]
added crlNumber OID

13 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:03:46 +0000 (22:03 -0000)]
added crlNumber OID

13 years agogenerated new winnetou certificate
Andreas Steffen [Fri, 27 Apr 2007 21:41:27 +0000 (21:41 -0000)]
generated new winnetou certificate

13 years agoadded crlnumber
Andreas Steffen [Fri, 27 Apr 2007 21:41:07 +0000 (21:41 -0000)]
added crlnumber

13 years agoadded interface.h
Andreas Steffen [Fri, 27 Apr 2007 21:29:31 +0000 (21:29 -0000)]
added interface.h

13 years agofixed casting
Andreas Steffen [Fri, 27 Apr 2007 21:28:54 +0000 (21:28 -0000)]
fixed casting

13 years agoadded writeable_backend.h
Andreas Steffen [Fri, 27 Apr 2007 20:58:45 +0000 (20:58 -0000)]
added writeable_backend.h

13 years agofixed typo
Andreas Steffen [Fri, 27 Apr 2007 18:13:57 +0000 (18:13 -0000)]
fixed typo

13 years agoremoved dependencies from /usr/include/linux headers
Andreas Steffen [Fri, 27 Apr 2007 17:33:42 +0000 (17:33 -0000)]
removed dependencies from /usr/include/linux headers

13 years agocosmetics
Andreas Steffen [Fri, 27 Apr 2007 17:31:50 +0000 (17:31 -0000)]
cosmetics

13 years agoremoved dependencies on linux/types.h
Andreas Steffen [Fri, 27 Apr 2007 17:24:20 +0000 (17:24 -0000)]
removed dependencies on linux/types.h

13 years agorestructuring of configuration backends
Martin Willi [Fri, 27 Apr 2007 14:25:08 +0000 (14:25 -0000)]
restructuring of configuration backends
added propotypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP

13 years agoremoved eap sim config
Martin Willi [Fri, 27 Apr 2007 14:11:18 +0000 (14:11 -0000)]
removed eap sim config

13 years agoforcing proper autoload of af_key kernel module in charon
Martin Willi [Fri, 27 Apr 2007 07:43:42 +0000 (07:43 -0000)]
forcing proper autoload of af_key kernel module in charon

13 years agoupdated news
Martin Willi [Thu, 26 Apr 2007 07:58:50 +0000 (07:58 -0000)]
updated news

13 years agoupdated NEWS
Martin Willi [Thu, 26 Apr 2007 06:33:03 +0000 (06:33 -0000)]
updated NEWS

13 years agoxauth_modules.verify_secret() function now passes the connection name
Andreas Steffen [Wed, 25 Apr 2007 07:51:04 +0000 (07:51 -0000)]
xauth_modules.verify_secret() function now passes the connection name

13 years agoadded conn_name to xauth_module.verify_secret() function call
Andreas Steffen [Wed, 25 Apr 2007 07:00:16 +0000 (07:00 -0000)]
added conn_name to xauth_module.verify_secret() function call

13 years agoproperly checking received IDr as initiator
Martin Willi [Wed, 25 Apr 2007 06:06:13 +0000 (06:06 -0000)]
properly checking received IDr as initiator

13 years agoadded support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)
Martin Willi [Mon, 23 Apr 2007 13:00:20 +0000 (13:00 -0000)]
added support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)

13 years agofixed CHILD_SA proposal selection when not using DH exchange
Martin Willi [Mon, 23 Apr 2007 12:59:10 +0000 (12:59 -0000)]
fixed CHILD_SA proposal selection when not using DH exchange

13 years agofixed keyingtries
Martin Willi [Mon, 23 Apr 2007 12:19:23 +0000 (12:19 -0000)]
fixed keyingtries

13 years agogenerated certs for ocsp-strict-ifuri scenario
Andreas Steffen [Fri, 20 Apr 2007 14:54:10 +0000 (14:54 -0000)]
generated certs for ocsp-strict-ifuri scenario

13 years agogenerated certs for ocsp-strict-ifuri scenario
Andreas Steffen [Fri, 20 Apr 2007 14:52:32 +0000 (14:52 -0000)]
generated certs for ocsp-strict-ifuri scenario

13 years agofixed test scenarios
Andreas Steffen [Fri, 20 Apr 2007 14:51:39 +0000 (14:51 -0000)]
fixed test scenarios

13 years agoocsp-strict-ifuri added
Andreas Steffen [Fri, 20 Apr 2007 14:50:42 +0000 (14:50 -0000)]
ocsp-strict-ifuri added

13 years agoocsp-no-signer-cert added
Andreas Steffen [Fri, 20 Apr 2007 14:49:50 +0000 (14:49 -0000)]
ocsp-no-signer-cert added

13 years agoinitialize isCA to FALSE
Andreas Steffen [Fri, 20 Apr 2007 14:36:55 +0000 (14:36 -0000)]
initialize isCA to FALSE

13 years agoisOcspSigner was not initialized
Andreas Steffen [Fri, 20 Apr 2007 12:38:35 +0000 (12:38 -0000)]
isOcspSigner was not initialized

13 years agowrong delimiters in ipsec.in
Andreas Steffen [Fri, 20 Apr 2007 12:23:03 +0000 (12:23 -0000)]
wrong delimiters in ipsec.in

13 years agoimplementation of strictcrlpolicy=ifuri
Andreas Steffen [Fri, 20 Apr 2007 11:12:08 +0000 (11:12 -0000)]
implementation of strictcrlpolicy=ifuri

13 years agoremoved linux26/xfrm.h
Andreas Steffen [Thu, 19 Apr 2007 15:02:55 +0000 (15:02 -0000)]
removed linux26/xfrm.h

13 years agounshare argument buffers
Andreas Steffen [Thu, 19 Apr 2007 14:26:11 +0000 (14:26 -0000)]
unshare argument buffers

13 years agoupdated man page: proposals using PFS
Martin Willi [Thu, 19 Apr 2007 14:22:53 +0000 (14:22 -0000)]
updated man page: proposals using PFS

13 years agokernel_netlink.c now includes src/include/linux/xfrm.h
Andreas Steffen [Thu, 19 Apr 2007 14:15:00 +0000 (14:15 -0000)]
kernel_netlink.c now includes src/include/linux/xfrm.h

13 years agoupdated TODO
Martin Willi [Thu, 19 Apr 2007 14:14:01 +0000 (14:14 -0000)]
updated TODO

13 years agoadded support for EAP methods not establishing an MSK
Martin Willi [Thu, 19 Apr 2007 12:37:48 +0000 (12:37 -0000)]
added support for EAP methods not establishing an MSK

13 years agoadded most problematic linux headers to distribution
Martin Willi [Thu, 19 Apr 2007 08:59:36 +0000 (08:59 -0000)]
added most problematic linux headers to distribution
  other/real linux header may be selected using --with-linux-headers=dir

13 years agoadded PDF support for CHILD_SAs
Martin Willi [Thu, 19 Apr 2007 08:02:19 +0000 (08:02 -0000)]
added PDF support for CHILD_SAs
support for INVALID_KE_PAYLOAD negotiation for rekeying

13 years agofixed memleak in IKE_SA manager
Martin Willi [Thu, 19 Apr 2007 07:04:35 +0000 (07:04 -0000)]
fixed memleak in IKE_SA manager

13 years agomoved initiate() code to the generic controller_t class
Martin Willi [Mon, 16 Apr 2007 12:52:49 +0000 (12:52 -0000)]
moved initiate() code to the generic controller_t class

13 years agocloning %any ID without zero-byte memleak
Martin Willi [Mon, 16 Apr 2007 08:37:52 +0000 (08:37 -0000)]
cloning %any ID without zero-byte memleak

13 years agoremoved version numbers in autogen
Martin Willi [Mon, 16 Apr 2007 08:34:22 +0000 (08:34 -0000)]
removed version numbers in autogen

13 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 18:09:44 +0000 (18:09 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords

13 years agofixed destroy() bug
Andreas Steffen [Sat, 14 Apr 2007 17:34:41 +0000 (17:34 -0000)]
fixed destroy() bug

13 years agoexported parse_generalNames()
Andreas Steffen [Sat, 14 Apr 2007 17:34:18 +0000 (17:34 -0000)]
exported parse_generalNames()

13 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 17:33:29 +0000 (17:33 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords

13 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 17:33:02 +0000 (17:33 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords