strongswan.git
14 years agocorrected gnome-terminal's --show-menubar option
Andreas Steffen [Thu, 8 May 2008 08:22:07 +0000 (08:22 -0000)]
corrected gnome-terminal's --show-menubar option

14 years agoadded configure check and support for sqlite3 libraries without sqlite3_prepare_v2
Martin Willi [Wed, 7 May 2008 14:41:13 +0000 (14:41 -0000)]
added configure check and support for sqlite3 libraries without sqlite3_prepare_v2

14 years agofixed 3DES encryption
Martin Willi [Wed, 7 May 2008 11:54:30 +0000 (11:54 -0000)]
fixed 3DES encryption

14 years agoprototype of sql pool administration utility
Martin Willi [Wed, 7 May 2008 09:37:08 +0000 (09:37 -0000)]
prototype of sql pool administration utility

14 years agousing capset version 1 if a newer is available
Martin Willi [Wed, 7 May 2008 08:46:37 +0000 (08:46 -0000)]
using capset version 1 if a newer is available

14 years agosupport for @#hex ID_KEY_ID identification_t
Martin Willi [Tue, 6 May 2008 13:45:14 +0000 (13:45 -0000)]
support for @#hex ID_KEY_ID identification_t

14 years agoproviding medation configuration through med_db plugin
Martin Willi [Tue, 6 May 2008 13:44:14 +0000 (13:44 -0000)]
providing medation configuration through med_db plugin

14 years agofixed parsing of openssl format public keys
Martin Willi [Tue, 6 May 2008 12:56:36 +0000 (12:56 -0000)]
fixed parsing of openssl format public keys

14 years agoreturning reference pointer on get_ref()
Martin Willi [Tue, 6 May 2008 10:55:42 +0000 (10:55 -0000)]
returning reference pointer on get_ref()

14 years agoprintf "width" support for hosts (e.g. %15H)
Martin Willi [Mon, 5 May 2008 08:31:43 +0000 (08:31 -0000)]
printf "width" support for hosts (e.g. %15H)

14 years agoresetting old scheduling policy correctly in free() hook
Martin Willi [Mon, 5 May 2008 07:40:21 +0000 (07:40 -0000)]
resetting old scheduling policy correctly in free() hook

14 years agoimplemented XCBC algorithms (signer, prf) for IKE on top of a crypter
Martin Willi [Wed, 30 Apr 2008 14:26:24 +0000 (14:26 -0000)]
implemented XCBC algorithms (signer, prf) for IKE on top of a crypter
supporting ike=...-aesxcbc-... in ipsec.conf
added AUTH_AES_XCBC_96 and PRF_AES128_CBC to default IKE proposal
AES XCBC testcase

14 years agocrypter_t api supports in-place encryption using NULL as output parameter
Martin Willi [Wed, 30 Apr 2008 14:02:25 +0000 (14:02 -0000)]
crypter_t api supports in-place encryption using NULL as output parameter

14 years agosimplified the OpenSSL crypter a bit
Tobias Brunner [Wed, 30 Apr 2008 09:24:22 +0000 (09:24 -0000)]
simplified the OpenSSL crypter a bit

14 years agosimplified the OpenSSL hasher a bit
Tobias Brunner [Wed, 30 Apr 2008 09:23:13 +0000 (09:23 -0000)]
simplified the OpenSSL hasher a bit

14 years agoOpenSSL hasher does not need an internal buffer anymore
Tobias Brunner [Wed, 30 Apr 2008 08:54:36 +0000 (08:54 -0000)]
OpenSSL hasher does not need an internal buffer anymore

14 years agoadding diffie hellman with OpenSSL
Tobias Brunner [Tue, 29 Apr 2008 15:42:34 +0000 (15:42 -0000)]
adding diffie hellman with OpenSSL

14 years agouse SHA-1 as preferred hasher in the OpenSSL plugin
Tobias Brunner [Tue, 29 Apr 2008 09:13:14 +0000 (09:13 -0000)]
use SHA-1 as preferred hasher in the OpenSSL plugin

14 years agoset Id keyword
Andreas Steffen [Mon, 28 Apr 2008 18:44:21 +0000 (18:44 -0000)]
set Id keyword

14 years agoprototype of dumm GUI
Martin Willi [Mon, 28 Apr 2008 16:43:30 +0000 (16:43 -0000)]
prototype of dumm GUI

14 years agocosmetics
Andreas Steffen [Mon, 28 Apr 2008 16:02:53 +0000 (16:02 -0000)]
cosmetics

14 years agointroduced ASN1_EXIT command in ASN.1 object syntax definition
Andreas Steffen [Mon, 28 Apr 2008 16:00:52 +0000 (16:00 -0000)]
introduced ASN1_EXIT command in ASN.1 object syntax definition

14 years agoadded wrapper for OpenSSL hashers
Tobias Brunner [Mon, 28 Apr 2008 15:56:44 +0000 (15:56 -0000)]
added wrapper for OpenSSL hashers

14 years agoalgo lookup corrected
Tobias Brunner [Mon, 28 Apr 2008 15:26:38 +0000 (15:26 -0000)]
algo lookup corrected

14 years agomade algo struct static
Tobias Brunner [Mon, 28 Apr 2008 14:52:58 +0000 (14:52 -0000)]
made algo struct static

14 years agotypos
Tobias Brunner [Mon, 28 Apr 2008 14:32:18 +0000 (14:32 -0000)]
typos

14 years agoadded a wrapper plugin for OpenSSL crypters (AES, 3DES, Blowfish etc.)
Tobias Brunner [Mon, 28 Apr 2008 14:25:19 +0000 (14:25 -0000)]
added a wrapper plugin for OpenSSL crypters (AES, 3DES, Blowfish etc.)

14 years agomade some stuff static
Tobias Brunner [Mon, 28 Apr 2008 14:19:25 +0000 (14:19 -0000)]
made some stuff static

14 years agofixed javascript include using <script> tag
Martin Willi [Mon, 28 Apr 2008 08:52:17 +0000 (08:52 -0000)]
fixed javascript include using <script> tag

14 years agosome scenario fixes
Andreas Steffen [Sun, 27 Apr 2008 14:15:29 +0000 (14:15 -0000)]
some scenario fixes

14 years agoend->srcip string must be removed if it contains %config
Andreas Steffen [Sun, 27 Apr 2008 11:28:58 +0000 (11:28 -0000)]
end->srcip string must be removed if it contains %config

14 years agofixed starter_cmp_end()
Andreas Steffen [Sun, 27 Apr 2008 11:04:13 +0000 (11:04 -0000)]
fixed starter_cmp_end()

14 years agofixed memory corruption problem in starter
Andreas Steffen [Sun, 27 Apr 2008 10:49:31 +0000 (10:49 -0000)]
fixed memory corruption problem in starter

14 years agooptimized parser->success()
Andreas Steffen [Sat, 26 Apr 2008 11:08:36 +0000 (11:08 -0000)]
optimized parser->success()

14 years agoported ASN.1 changes to pkcs7
Andreas Steffen [Sat, 26 Apr 2008 10:20:51 +0000 (10:20 -0000)]
ported ASN.1 changes to pkcs7

14 years agodoxygen fix for fips.h
Andreas Steffen [Sat, 26 Apr 2008 09:40:22 +0000 (09:40 -0000)]
doxygen fix for fips.h

14 years agorefactoring of the ASN.1 parser
Andreas Steffen [Sat, 26 Apr 2008 09:24:14 +0000 (09:24 -0000)]
refactoring of the ASN.1 parser

14 years agosupporting multiple comma seperated subnets in left/rightsubnet definition
Martin Willi [Fri, 25 Apr 2008 12:41:37 +0000 (12:41 -0000)]
supporting multiple comma seperated subnets in left/rightsubnet definition
e.g. leftsubnet=10.2.0.0/16,10.4.0.0/16

14 years agoadded simple Makefile to build scripts
Martin Willi [Fri, 25 Apr 2008 11:18:09 +0000 (11:18 -0000)]
added simple Makefile to build scripts

14 years agoextract_token() now handles whitespace
Andreas Steffen [Fri, 25 Apr 2008 07:04:59 +0000 (07:04 -0000)]
extract_token() now handles whitespace

14 years agochunk_to_hex() adaptations
Andreas Steffen [Fri, 25 Apr 2008 06:39:41 +0000 (06:39 -0000)]
chunk_to_hex() adaptations

14 years agoadded _GNU_SOURCE and limits.h to build against glibc-2.8
Martin Willi [Thu, 24 Apr 2008 13:49:20 +0000 (13:49 -0000)]
added _GNU_SOURCE and limits.h to build against glibc-2.8

14 years agoadded missing base64 chunk test
Martin Willi [Thu, 24 Apr 2008 13:28:18 +0000 (13:28 -0000)]
added missing base64 chunk test

14 years agoreplaced freeswan ttodata by own chunk_{to|from}_{hex|base64} functions
Martin Willi [Thu, 24 Apr 2008 13:26:22 +0000 (13:26 -0000)]
replaced freeswan ttodata by own chunk_{to|from}_{hex|base64} functions

14 years agosome c-libs require _GNU_SOURCE for pthread_rwlock
Martin Willi [Wed, 23 Apr 2008 09:45:02 +0000 (09:45 -0000)]
some c-libs require _GNU_SOURCE for pthread_rwlock

14 years ago'Hash and URL' certificates of research and sales CAs
Andreas Steffen [Tue, 22 Apr 2008 20:36:44 +0000 (20:36 -0000)]
'Hash and URL' certificates of research and sales CAs

14 years agofixed AES-128 test
Martin Willi [Tue, 22 Apr 2008 09:00:27 +0000 (09:00 -0000)]
fixed AES-128 test

14 years agoexperimental Padlock plugin supportin SHA1 and AES-128 for VIA C7 Esther
Martin Willi [Tue, 22 Apr 2008 08:44:56 +0000 (08:44 -0000)]
experimental Padlock plugin supportin SHA1 and AES-128 for VIA C7 Esther

14 years agoadded AES-128 unit test
Martin Willi [Tue, 22 Apr 2008 08:33:55 +0000 (08:33 -0000)]
added AES-128 unit test

14 years agoremoved status result from crypter interface to be consistent with other crypto inter...
Martin Willi [Tue, 22 Apr 2008 07:14:24 +0000 (07:14 -0000)]
removed status result from crypter interface to be consistent with other crypto interfaces

14 years agoproper library initialization for dumm
Martin Willi [Mon, 21 Apr 2008 13:21:21 +0000 (13:21 -0000)]
proper library initialization for dumm

14 years agoversion bump to 4.2.2
Andreas Steffen [Sat, 19 Apr 2008 10:07:32 +0000 (10:07 -0000)]
version bump to 4.2.2

14 years agoedited NEWS 4.2.1
Andreas Steffen [Sat, 19 Apr 2008 09:49:06 +0000 (09:49 -0000)]
edited NEWS

14 years agoupdated testing.conf
Andreas Steffen [Sat, 19 Apr 2008 07:57:24 +0000 (07:57 -0000)]
updated testing.conf

14 years agoadd symbolic link to hash-and-url certs
Andreas Steffen [Sat, 19 Apr 2008 07:48:53 +0000 (07:48 -0000)]
add symbolic link to hash-and-url certs

14 years agofixed iptables/ip6tables switch
Andreas Steffen [Sat, 19 Apr 2008 07:47:00 +0000 (07:47 -0000)]
fixed iptables/ip6tables switch

14 years agoadded hash-and-url certs
Andreas Steffen [Fri, 18 Apr 2008 21:46:26 +0000 (21:46 -0000)]
added hash-and-url certs

14 years agoadded ikev2/rw-hash-and-url scenario
Andreas Steffen [Fri, 18 Apr 2008 21:43:05 +0000 (21:43 -0000)]
added ikev2/rw-hash-and-url scenario

14 years agoupdated NEWS: support of AES_XCBC_MAC and CAMELLIA
Andreas Steffen [Fri, 18 Apr 2008 21:42:31 +0000 (21:42 -0000)]
updated NEWS: support of AES_XCBC_MAC and CAMELLIA

14 years agoHash and URL cosmetics
Andreas Steffen [Fri, 18 Apr 2008 21:27:08 +0000 (21:27 -0000)]
Hash and URL cosmetics

14 years agoadded ikev1/esp-alg-camellia scenario
Andreas Steffen [Fri, 18 Apr 2008 20:02:42 +0000 (20:02 -0000)]
added ikev1/esp-alg-camellia scenario

14 years agofixed cbc(camellia) netlink configuration error
Andreas Steffen [Fri, 18 Apr 2008 20:01:49 +0000 (20:01 -0000)]
fixed cbc(camellia) netlink configuration error

14 years agouse ip xfrm state in crypto evaltests
Andreas Steffen [Fri, 18 Apr 2008 19:07:46 +0000 (19:07 -0000)]
use ip xfrm state in crypto evaltests

14 years agoadded ikev1/esp-alg-aesxcbc scenario
Andreas Steffen [Fri, 18 Apr 2008 19:06:43 +0000 (19:06 -0000)]
added ikev1/esp-alg-aesxcbc scenario

14 years agofixed aes-xcbc netlink configuration error
Andreas Steffen [Fri, 18 Apr 2008 18:37:57 +0000 (18:37 -0000)]
fixed aes-xcbc netlink configuration error

14 years agosupport of AES_XCBC and CAMELLIA ESP cipher by pluto
Andreas Steffen [Fri, 18 Apr 2008 17:01:45 +0000 (17:01 -0000)]
support of AES_XCBC and CAMELLIA ESP cipher by pluto

14 years agofixed AES default key length
Andreas Steffen [Fri, 18 Apr 2008 17:00:30 +0000 (17:00 -0000)]
fixed AES default key length

14 years agoshipping a default strongswan.conf
Martin Willi [Fri, 18 Apr 2008 12:52:47 +0000 (12:52 -0000)]
shipping a default strongswan.conf

14 years agoupdated pfkeyv2.h
Andreas Steffen [Fri, 18 Apr 2008 12:27:50 +0000 (12:27 -0000)]
updated pfkeyv2.h

14 years agosql pool prototype
Martin Willi [Fri, 18 Apr 2008 11:51:58 +0000 (11:51 -0000)]
sql pool prototype

14 years agofunctions invoked on all linked list items now support up to five additional arguments
Tobias Brunner [Fri, 18 Apr 2008 11:48:53 +0000 (11:48 -0000)]
functions invoked on all linked list items now support up to five additional arguments

14 years agonews (hash and url)
Tobias Brunner [Fri, 18 Apr 2008 11:43:20 +0000 (11:43 -0000)]
news (hash and url)

14 years agoupdated list of ESP and AH algorithms
Andreas Steffen [Fri, 18 Apr 2008 11:25:37 +0000 (11:25 -0000)]
updated list of ESP and AH algorithms

14 years agosupport for hash and URL encoded certificate payloads in charon
Tobias Brunner [Fri, 18 Apr 2008 11:24:45 +0000 (11:24 -0000)]
support for hash and URL encoded certificate payloads in charon

14 years agotypo
Tobias Brunner [Fri, 18 Apr 2008 10:58:36 +0000 (10:58 -0000)]
typo

14 years agofixed peer config equality check
Martin Willi [Fri, 18 Apr 2008 10:30:52 +0000 (10:30 -0000)]
fixed peer config equality check

14 years agotype corrected
Tobias Brunner [Fri, 18 Apr 2008 10:11:41 +0000 (10:11 -0000)]
type corrected

14 years agomore NEWS
Martin Willi [Fri, 18 Apr 2008 08:09:32 +0000 (08:09 -0000)]
more NEWS

14 years agocorrected description
Andreas Steffen [Fri, 18 Apr 2008 07:44:39 +0000 (07:44 -0000)]
corrected description

14 years agofixed another transport mode evaltest
Andreas Steffen [Fri, 18 Apr 2008 07:42:57 +0000 (07:42 -0000)]
fixed another transport mode evaltest

14 years agoadded ipv6/net2net-ipv4-ikev2 scenario
Andreas Steffen [Fri, 18 Apr 2008 07:24:01 +0000 (07:24 -0000)]
added ipv6/net2net-ipv4-ikev2 scenario

14 years agofixed two evaltests
Andreas Steffen [Fri, 18 Apr 2008 07:21:49 +0000 (07:21 -0000)]
fixed two evaltests

14 years agoupdated NEWS
Andreas Steffen [Thu, 17 Apr 2008 20:38:47 +0000 (20:38 -0000)]
updated NEWS

14 years agochanged logging of crl writing to old style
Andreas Steffen [Thu, 17 Apr 2008 20:23:31 +0000 (20:23 -0000)]
changed logging of crl writing to old style

14 years agocorrected variable name
Andreas Steffen [Thu, 17 Apr 2008 18:56:55 +0000 (18:56 -0000)]
corrected variable name

14 years agofixed compiler warning
Martin Willi [Thu, 17 Apr 2008 15:08:48 +0000 (15:08 -0000)]
fixed compiler warning

14 years agorespecting ipsec.conf cachecrls= option
Martin Willi [Thu, 17 Apr 2008 15:01:57 +0000 (15:01 -0000)]
respecting ipsec.conf cachecrls= option

14 years agoadded missing bits for credential caching
Martin Willi [Thu, 17 Apr 2008 15:00:51 +0000 (15:00 -0000)]
added missing bits for credential caching

14 years agocaching of CRLs to /etc/ipsec.d/crls
Martin Willi [Thu, 17 Apr 2008 14:08:38 +0000 (14:08 -0000)]
caching of CRLs to /etc/ipsec.d/crls

14 years agocosmetics to chunk_write()
Martin Willi [Thu, 17 Apr 2008 14:06:37 +0000 (14:06 -0000)]
cosmetics to chunk_write()

14 years agoadded missing credential_set method to stroke_ca
Martin Willi [Thu, 17 Apr 2008 13:00:05 +0000 (13:00 -0000)]
added missing credential_set method to stroke_ca

14 years agoextended credential_set_t interface by a cache_cert() method
Martin Willi [Thu, 17 Apr 2008 11:22:37 +0000 (11:22 -0000)]
extended credential_set_t interface by a cache_cert() method
allows persistent or in-memory caching of fetched certificates

14 years agosplitted IKE_SA manager destroy to allow plugin interaction
Martin Willi [Thu, 17 Apr 2008 10:46:25 +0000 (10:46 -0000)]
splitted IKE_SA manager destroy to allow plugin interaction

14 years agoadding rightsourceip=%poolname properly to peer config
Martin Willi [Thu, 17 Apr 2008 08:55:32 +0000 (08:55 -0000)]
adding rightsourceip=%poolname properly to peer config

14 years agoslightly optimized IKE_SA checkin
Martin Willi [Wed, 16 Apr 2008 08:43:32 +0000 (08:43 -0000)]
slightly optimized IKE_SA checkin

14 years agoparallelized trust chain verification
Martin Willi [Wed, 16 Apr 2008 08:38:15 +0000 (08:38 -0000)]
parallelized trust chain verification
temporary imported certificates are thread-local only
read-write locking on credential manager
credential sets must be thread-save now

14 years agooptimized half-open IKE_SA lookup (no checkout)
Martin Willi [Wed, 16 Apr 2008 08:34:52 +0000 (08:34 -0000)]
optimized half-open IKE_SA lookup (no checkout)

14 years agodisable DPD if dpddelay is set but dpdaction=none
Martin Willi [Wed, 16 Apr 2008 05:50:56 +0000 (05:50 -0000)]
disable DPD if dpddelay is set but dpdaction=none

14 years agoupdated sql testcases to new table schema
Martin Willi [Tue, 15 Apr 2008 15:14:32 +0000 (15:14 -0000)]
updated sql testcases to new table schema

14 years agoupdated sql plugin to respect config changes
Martin Willi [Tue, 15 Apr 2008 15:13:53 +0000 (15:13 -0000)]
updated sql plugin to respect config changes