strongswan.git
10 years agoDebugged TCG PTS attributes implementations
Sansar Choinyambuu [Mon, 8 Aug 2011 11:34:13 +0000 (13:34 +0200)]
Debugged TCG PTS attributes implementations

10 years agoChanges according to the new PTS Attributes addition
Sansar Choinyambuu [Fri, 5 Aug 2011 15:46:30 +0000 (17:46 +0200)]
Changes according to the new PTS Attributes addition

10 years agoImplemented TCG PTS Attributes
Sansar Choinyambuu [Fri, 5 Aug 2011 15:42:16 +0000 (17:42 +0200)]
Implemented TCG PTS Attributes

10 years agochanged DBG_IMC to DBG_IMV
Andreas Steffen [Wed, 3 Aug 2011 08:40:36 +0000 (10:40 +0200)]
changed DBG_IMC to DBG_IMV

10 years agoadded support of INVALID_PARAMETER PA-Error
Andreas Steffen [Wed, 3 Aug 2011 08:38:44 +0000 (10:38 +0200)]
added support of INVALID_PARAMETER PA-Error

10 years agoIMC/IMV directory change to imcvs
Andreas Steffen [Wed, 3 Aug 2011 08:37:37 +0000 (10:37 +0200)]
IMC/IMV directory change to imcvs

10 years agoremoved conflicts
Andreas Steffen [Wed, 3 Aug 2011 08:35:58 +0000 (10:35 +0200)]
removed conflicts

10 years agoadded missing endif in Makefile
Andreas Steffen [Wed, 3 Aug 2011 08:35:20 +0000 (10:35 +0200)]
added missing endif in Makefile

10 years agocorrected typo
Andreas Steffen [Fri, 24 Jun 2011 15:48:01 +0000 (17:48 +0200)]
corrected typo

10 years agoparameters of change_state() method changed
Andreas Steffen [Fri, 24 Jun 2011 15:47:41 +0000 (17:47 +0200)]
parameters of change_state() method changed

10 years agoAttestation IMC/IMV pair uses TCG_PTS subtype
Andreas Steffen [Fri, 24 Jun 2011 15:41:58 +0000 (17:41 +0200)]
Attestation IMC/IMV pair uses TCG_PTS subtype

10 years agochanged copyright to Sansar
Andreas Steffen [Tue, 21 Jun 2011 07:35:56 +0000 (09:35 +0200)]
changed copyright to Sansar

10 years agoprepare automatic parsing of TCG PTS attributes
Andreas Steffen [Mon, 20 Jun 2011 14:52:31 +0000 (16:52 +0200)]
prepare automatic parsing of TCG PTS attributes

10 years agocreated empty imc_attestation and imv_attestation plugin hulls
Andreas Steffen [Mon, 20 Jun 2011 14:30:23 +0000 (16:30 +0200)]
created empty imc_attestation and imv_attestation plugin hulls

10 years agoNetworkManager-strongSwan Debian release 1.3.0
Martin Willi [Wed, 7 Sep 2011 13:39:36 +0000 (15:39 +0200)]
NetworkManager-strongSwan Debian release 1.3.0

10 years agoFixed compiler warnings in openssl plugin
Martin Willi [Wed, 7 Sep 2011 12:23:27 +0000 (14:23 +0200)]
Fixed compiler warnings in openssl plugin

10 years agoMigrated NM frontend plugin to NetworkManager 0.9
Martin Willi [Mon, 5 Sep 2011 15:12:04 +0000 (17:12 +0200)]
Migrated NM frontend plugin to NetworkManager 0.9

Use GtkBuilder, drop gconf dependency.

10 years agoRemove obsolete values from builder_part_names
Thomas Egerer [Thu, 1 Sep 2011 12:18:24 +0000 (14:18 +0200)]
Remove obsolete values from builder_part_names

Adds removal of builder parts obsoleted with git commit
15177f5785bcec6700f2a1a698cd8392c9bba5e9.

10 years agoSupport resolution of "allow_any" DNS names in charon (%hostname)
Martin Willi [Fri, 2 Sep 2011 11:42:45 +0000 (13:42 +0200)]
Support resolution of "allow_any" DNS names in charon (%hostname)

10 years agoCheck if ClearSilver actually requires zlib
Martin Willi [Thu, 1 Sep 2011 11:23:37 +0000 (13:23 +0200)]
Check if ClearSilver actually requires zlib

10 years agoadded tnc-ifmap.ssl_passphrase to strongswan.conf
Andreas Steffen [Fri, 2 Sep 2011 04:38:39 +0000 (06:38 +0200)]
added tnc-ifmap.ssl_passphrase to strongswan.conf

10 years agoRenamed 'use' database column as that is a keyword in MySQL.
Tobias Brunner [Thu, 1 Sep 2011 07:57:03 +0000 (09:57 +0200)]
Renamed 'use' database column as that is a keyword in MySQL.

Reported by Stefan Tomas.

10 years agoProperly remove listener when listen() times out
Martin Willi [Wed, 31 Aug 2011 14:42:02 +0000 (16:42 +0200)]
Properly remove listener when listen() times out

10 years agostarter passes unresolved DNS names to charon
Martin Willi [Mon, 29 Aug 2011 07:58:18 +0000 (09:58 +0200)]
starter passes unresolved DNS names to charon

Based on an initial patch by Mirko Parthey.

10 years agoFix file descriptor leak
Thomas Jarosch [Fri, 26 Aug 2011 18:57:10 +0000 (20:57 +0200)]
Fix file descriptor leak

Credit goes to "cppcheck".

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
10 years agoRemove redundant assignment
Thomas Jarosch [Fri, 26 Aug 2011 18:56:38 +0000 (20:56 +0200)]
Remove redundant assignment

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
10 years agoFix file descriptor leak on error
Thomas Jarosch [Fri, 26 Aug 2011 18:55:55 +0000 (20:55 +0200)]
Fix file descriptor leak on error

Credit goes to cppcheck.

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
10 years agobus->listen() and the controller wrappers accept a timeout to wait for callbacks
Martin Willi [Fri, 26 Aug 2011 08:42:42 +0000 (10:42 +0200)]
bus->listen() and the controller wrappers accept a timeout to wait for callbacks

10 years agosupport optional SSL passphrase for Axis2/C connection
Andreas Steffen [Wed, 24 Aug 2011 19:27:34 +0000 (21:27 +0200)]
support optional SSL passphrase for Axis2/C connection

10 years agoRegister manager of pkcs11 plugin as library object
Martin Willi [Wed, 24 Aug 2011 13:45:59 +0000 (15:45 +0200)]
Register manager of pkcs11 plugin as library object

10 years agolog entry for outbound hash-and-url
Andreas Steffen [Wed, 24 Aug 2011 04:05:27 +0000 (06:05 +0200)]
log entry for outbound hash-and-url

10 years agoauto-detect OS name
Riaan Kruger [Tue, 23 Aug 2011 05:54:15 +0000 (07:54 +0200)]
auto-detect OS name

10 years agoAdded a certexpire empty_string option
Martin Willi [Fri, 19 Aug 2011 07:12:54 +0000 (09:12 +0200)]
Added a certexpire empty_string option

10 years agoImplemented CSV export functionality in certexpire plugin
Martin Willi [Fri, 5 Aug 2011 09:31:33 +0000 (11:31 +0200)]
Implemented CSV export functionality in certexpire plugin

10 years agoAdded generic cron style callback execution to certexpire plugin
Martin Willi [Thu, 4 Aug 2011 15:31:54 +0000 (17:31 +0200)]
Added generic cron style callback execution to certexpire plugin

10 years agoCache trustchain lifetimes for export
Martin Willi [Thu, 4 Aug 2011 13:09:55 +0000 (15:09 +0200)]
Cache trustchain lifetimes for export

10 years agoRegister a certexpire listener collecting trustchain information
Martin Willi [Thu, 4 Aug 2011 09:52:57 +0000 (11:52 +0200)]
Register a certexpire listener collecting trustchain information

10 years agoAdded missing auth_rule_names
Martin Willi [Thu, 4 Aug 2011 08:29:23 +0000 (10:29 +0200)]
Added missing auth_rule_names

10 years agoMoved auth_rule_names back to auth_cfg.c
Martin Willi [Thu, 4 Aug 2011 08:27:05 +0000 (10:27 +0200)]
Moved auth_rule_names back to auth_cfg.c

10 years agoAdded plugin stub of certexpire plugin
Martin Willi [Wed, 3 Aug 2011 13:16:41 +0000 (15:16 +0200)]
Added plugin stub of certexpire plugin

10 years agoDon't rekey but delete CHILD_SA to resying against NATed Windows clients
Martin Willi [Wed, 10 Aug 2011 14:59:13 +0000 (16:59 +0200)]
Don't rekey but delete CHILD_SA to resying against NATed Windows clients

10 years agoSync newer IKE_SA condition/extension flags in ha plugin
Martin Willi [Wed, 10 Aug 2011 14:58:46 +0000 (16:58 +0200)]
Sync newer IKE_SA condition/extension flags in ha plugin

10 years agoTry to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute
Martin Willi [Wed, 10 Aug 2011 14:57:59 +0000 (16:57 +0200)]
Try to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute

10 years agoshortened XAUTH and UNITY attribute short names
Andreas Steffen [Tue, 16 Aug 2011 21:37:09 +0000 (23:37 +0200)]
shortened XAUTH and UNITY attribute short names

10 years agofix double delete of old IKE_SA during reauthentication
Andreas Steffen [Tue, 16 Aug 2011 21:25:45 +0000 (23:25 +0200)]
fix double delete of old IKE_SA during reauthentication

10 years agoincreased message buffer to cope with NCP's innumerable UNITY Configuration Payloads
Andreas Steffen [Tue, 16 Aug 2011 21:22:20 +0000 (23:22 +0200)]
increased message buffer to cope with NCP's innumerable UNITY Configuration Payloads

10 years agosome more typos
Andreas Steffen [Mon, 15 Aug 2011 19:38:23 +0000 (21:38 +0200)]
some more typos

10 years agotypos: initator->initiator, authenticaion->authentication.
Tobias Brunner [Mon, 15 Aug 2011 14:31:04 +0000 (16:31 +0200)]
typos: initator->initiator, authenticaion->authentication.

10 years agopluto: Some whitespace cleanup.
Tobias Brunner [Fri, 12 Aug 2011 08:39:54 +0000 (10:39 +0200)]
pluto: Some whitespace cleanup.

10 years agoconverted libimcv into a dynamic library
Andreas Steffen [Sun, 14 Aug 2011 07:27:43 +0000 (09:27 +0200)]
converted libimcv into a dynamic library

10 years agoversion bump to 4.6.0dr3
Andreas Steffen [Sun, 14 Aug 2011 07:26:21 +0000 (09:26 +0200)]
version bump to 4.6.0dr3

10 years agoupdated strongswan.conf
Andreas Steffen [Fri, 12 Aug 2011 16:11:32 +0000 (18:11 +0200)]
updated strongswan.conf

10 years agoimplement MAP client certificate authentication
Andreas Steffen [Fri, 12 Aug 2011 13:16:05 +0000 (15:16 +0200)]
implement MAP client certificate authentication

10 years agocosmetics
Andreas Steffen [Fri, 12 Aug 2011 11:18:49 +0000 (13:18 +0200)]
cosmetics

10 years agoimplemented enforcement-report metadata
Andreas Steffen [Fri, 12 Aug 2011 11:16:02 +0000 (13:16 +0200)]
implemented enforcement-report metadata

10 years agouse EAP identity
Andreas Steffen [Fri, 12 Aug 2011 09:34:56 +0000 (11:34 +0200)]
use EAP identity

10 years agodefined mapping of IKEv2 identity types to IF-MAP identity types
Andreas Steffen [Fri, 12 Aug 2011 09:07:29 +0000 (11:07 +0200)]
defined mapping of IKEv2 identity types to IF-MAP identity types

10 years agoIf we close a duplicate SA, it is also no authentication failure.
Tobias Brunner [Fri, 12 Aug 2011 08:11:39 +0000 (10:11 +0200)]
If we close a duplicate SA, it is also no authentication failure.

10 years agoIf local authentication fails, it is not really a peer auth failure.
Tobias Brunner [Wed, 10 Aug 2011 15:42:30 +0000 (17:42 +0200)]
If local authentication fails, it is not really a peer auth failure.

10 years agoThrow an alert if authentication of the peer fails (not only for initiator).
Tobias Brunner [Wed, 10 Aug 2011 15:29:06 +0000 (17:29 +0200)]
Throw an alert if authentication of the peer fails (not only for initiator).

10 years agoThrow an alert when the peer address cannot be resolved during initiation.
Tobias Brunner [Wed, 10 Aug 2011 13:45:41 +0000 (15:45 +0200)]
Throw an alert when the peer address cannot be resolved during initiation.

10 years agoThrow an alert via bus_t when remote authentication fails.
Tobias Brunner [Wed, 10 Aug 2011 13:17:40 +0000 (15:17 +0200)]
Throw an alert via bus_t when remote authentication fails.

10 years agosupport capability metadata
Andreas Steffen [Thu, 11 Aug 2011 13:06:01 +0000 (15:06 +0200)]
support capability metadata

10 years agoVerify that executables are available and set (pluto|charon)start accordingly.
Tobias Brunner [Thu, 11 Aug 2011 11:38:05 +0000 (13:38 +0200)]
Verify that executables are available and set (pluto|charon)start accordingly.

Some distributions enable both daemons but then distribute the
executables in two separate packages.  If only one package is installed
but both daemons are enabled in ipsec.conf, starter will try to start
the non existing daemon over and over again, and will each time readd
the configs to the other daemon.

10 years agoversion bump to 4.6.0dr2
Andreas Steffen [Thu, 11 Aug 2011 05:56:42 +0000 (07:56 +0200)]
version bump to 4.6.0dr2

10 years agoadded tnc-ifmap attributes to manpage
Andreas Steffen [Wed, 10 Aug 2011 13:58:18 +0000 (15:58 +0200)]
added tnc-ifmap attributes to manpage

10 years agoversion bump to 4.6.0dr1
Andreas Steffen [Wed, 10 Aug 2011 07:28:31 +0000 (09:28 +0200)]
version bump to 4.6.0dr1

10 years agodefine server_cert in strongswan.conf
Andreas Steffen [Wed, 10 Aug 2011 04:13:21 +0000 (06:13 +0200)]
define server_cert in strongswan.conf

10 years agogetting rid of axis2.html configuration
Andreas Steffen [Tue, 9 Aug 2011 19:09:37 +0000 (21:09 +0200)]
getting rid of axis2.html configuration

10 years agooutput PEP device addresses as metadata
Andreas Steffen [Mon, 8 Aug 2011 18:13:32 +0000 (20:13 +0200)]
output PEP device addresses as metadata

10 years agoclassify an EAP identity as a username
Andreas Steffen [Mon, 8 Aug 2011 17:03:50 +0000 (19:03 +0200)]
classify an EAP identity as a username

10 years agorefactoring of tnc-ifmap plugin
Andreas Steffen [Mon, 8 Aug 2011 15:48:56 +0000 (17:48 +0200)]
refactoring of tnc-ifmap plugin

10 years agopublish all IKE_SA metadata after tnc-ifmap plugin reload
Andreas Steffen [Mon, 8 Aug 2011 07:49:35 +0000 (09:49 +0200)]
publish all IKE_SA metadata after tnc-ifmap plugin reload

10 years agoimplemented tnc-ifmap reload method
Andreas Steffen [Mon, 8 Aug 2011 06:48:18 +0000 (08:48 +0200)]
implemented tnc-ifmap reload method

10 years agomoved ifmap code into tnc_ifmap_soap
Andreas Steffen [Mon, 8 Aug 2011 06:29:43 +0000 (08:29 +0200)]
moved ifmap code into tnc_ifmap_soap

10 years agofree device_name in destroy()
Andreas Steffen [Sun, 7 Aug 2011 22:19:08 +0000 (00:19 +0200)]
free device_name in destroy()

10 years agoset device_name via strongswan.conf
Andreas Steffen [Sun, 7 Aug 2011 22:13:36 +0000 (00:13 +0200)]
set device_name via strongswan.conf

10 years agofixed delete filters
Andreas Steffen [Sun, 7 Aug 2011 21:41:05 +0000 (23:41 +0200)]
fixed delete filters

10 years agocheck for publishReceived response
Andreas Steffen [Sun, 7 Aug 2011 20:40:21 +0000 (22:40 +0200)]
check for publishReceived response

10 years agoadded authenticated-by metadata
Andreas Steffen [Sun, 7 Aug 2011 17:54:43 +0000 (19:54 +0200)]
added authenticated-by metadata

10 years agofirst working publish of metadata
Andreas Steffen [Sun, 7 Aug 2011 15:04:02 +0000 (17:04 +0200)]
first working publish of metadata

10 years agoadded some XML syntax checking
Andreas Steffen [Sat, 6 Aug 2011 22:21:15 +0000 (00:21 +0200)]
added some XML syntax checking

10 years agoimplemented purgePublisher command
Andreas Steffen [Sat, 6 Aug 2011 14:33:28 +0000 (16:33 +0200)]
implemented purgePublisher command

10 years agofixed typo
Andreas Steffen [Fri, 5 Aug 2011 23:02:40 +0000 (01:02 +0200)]
fixed typo

10 years agocombined newSession and newSessionResult
Andreas Steffen [Fri, 5 Aug 2011 22:50:29 +0000 (00:50 +0200)]
combined newSession and newSessionResult

10 years agonewSession and endSession work
Andreas Steffen [Fri, 5 Aug 2011 22:12:55 +0000 (00:12 +0200)]
newSession and endSession work

10 years agocreated tnc-ifmap plugin
Andreas Steffen [Fri, 5 Aug 2011 14:15:55 +0000 (16:15 +0200)]
created tnc-ifmap plugin

10 years agoFixed syntax in MySQL script.
Tobias Brunner [Mon, 8 Aug 2011 14:15:28 +0000 (16:15 +0200)]
Fixed syntax in MySQL script.

10 years agoInstall and use libtls as dynamic library, as we have our private libdir now
Martin Willi [Mon, 8 Aug 2011 11:24:16 +0000 (13:24 +0200)]
Install and use libtls as dynamic library, as we have our private libdir now

10 years agoMigrated simaka_message to INIT/METHOD macros
Martin Willi [Thu, 7 Jul 2011 10:42:15 +0000 (12:42 +0200)]
Migrated simaka_message to INIT/METHOD macros

10 years agoMigratd simaka_crypto to INIT/METHOD macros
Martin Willi [Thu, 7 Jul 2011 10:42:01 +0000 (12:42 +0200)]
Migratd simaka_crypto to INIT/METHOD macros

10 years agoMigrated all SIM/AKA code to libsimaka, use SIM and AKA backend managers registered...
Martin Willi [Thu, 7 Jul 2011 10:31:45 +0000 (12:31 +0200)]
Migrated all SIM/AKA code to libsimaka, use SIM and AKA backend managers registered by name

10 years agoAdd a non-clonig variant of eap_payload_create_data
Martin Willi [Thu, 7 Jul 2011 10:31:02 +0000 (12:31 +0200)]
Add a non-clonig variant of eap_payload_create_data

10 years agoInstall and link libsimaka as dynamic library
Martin Willi [Wed, 6 Jul 2011 13:45:26 +0000 (15:45 +0200)]
Install and link libsimaka as dynamic library

10 years agoProvide generic object registration by name on libstrongswan
Martin Willi [Wed, 6 Jul 2011 13:19:13 +0000 (15:19 +0200)]
Provide generic object registration by name on libstrongswan

10 years agoFixed function descriptions
Martin Willi [Wed, 6 Jul 2011 12:38:23 +0000 (14:38 +0200)]
Fixed function descriptions

10 years agomaemo: New upstream release.
Tobias Brunner [Fri, 5 Aug 2011 12:45:17 +0000 (14:45 +0200)]
maemo: New upstream release.

10 years agomaemo: Define _GNU_SOURCE to make llabs available.
Tobias Brunner [Fri, 5 Aug 2011 12:36:11 +0000 (14:36 +0200)]
maemo: Define _GNU_SOURCE to make llabs available.

llabs is defined in C99, thus requires e.g. _USE_ISOC99 to be defined.
features.h on Maemo defines _USE_ISOC99 in fewer cases than newer versions
of it do on other platforms.

10 years agomaemo: Libraries are installed in lib/ipsec, binaries in libexec not lib.
Tobias Brunner [Fri, 5 Aug 2011 12:30:03 +0000 (14:30 +0200)]
maemo: Libraries are installed in lib/ipsec, binaries in libexec not lib.

10 years agomaemo: Don't overwrite location of libexec.
Tobias Brunner [Fri, 5 Aug 2011 12:28:45 +0000 (14:28 +0200)]
maemo: Don't overwrite location of libexec.