strongswan.git
Martin Willi [Thu, 14 Apr 2011 14:01:47 +0000 (16:01 +0200)]
Set broadcast flag in DHCP requests when sending broadcasts

Martin Willi [Fri, 15 Apr 2011 07:48:17 +0000 (09:48 +0200)]
Add reload support to attr plugin

Martin Willi [Fri, 15 Apr 2011 07:28:27 +0000 (09:28 +0200)]
Migrated attr plugin to INIT/METHOD macros

Martin Willi [Tue, 12 Apr 2011 09:36:03 +0000 (11:36 +0200)]
Added reload support to eap-radius plugin

Martin Willi [Tue, 12 Apr 2011 09:20:25 +0000 (11:20 +0200)]
Reload strongswan.conf and plugins supporting reloading on SIGHUP

Martin Willi [Tue, 12 Apr 2011 09:15:54 +0000 (11:15 +0200)]
Accept NULL files in load_files[_section] as we do in constructor

Martin Willi [Tue, 12 Apr 2011 09:13:08 +0000 (11:13 +0200)]
Added a merge option to optionally reload files instead of merging them

Martin Willi [Mon, 11 Apr 2011 17:40:30 +0000 (19:40 +0200)]
Added plugin_loader method to reload plugin configurations

Martin Willi [Mon, 11 Apr 2011 17:12:45 +0000 (19:12 +0200)]
Added a (not yet implemented) plugin_t method to reload plugin configuration

Martin Willi [Mon, 11 Apr 2011 16:54:18 +0000 (18:54 +0200)]
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t

Martin Willi [Mon, 11 Apr 2011 14:41:25 +0000 (16:41 +0200)]
Migrated remaining plugin_t implementations to INIT/METHOD macros

Martin Willi [Mon, 11 Apr 2011 14:25:58 +0000 (16:25 +0200)]
Migrated plugin_loader to INIT/METHOD macros

Martin Willi [Thu, 14 Apr 2011 18:00:54 +0000 (20:00 +0200)]
Continue without client authentication if no matching certificate found

Martin Willi [Thu, 14 Apr 2011 17:54:02 +0000 (19:54 +0200)]
Ignore TLS certificate requests as peer if peer authentication disabled

Martin Willi [Thu, 14 Apr 2011 17:42:32 +0000 (19:42 +0200)]
Send TLS Server Name Indication as peer if server identity is a FQDN

Martin Willi [Thu, 14 Apr 2011 17:41:57 +0000 (19:41 +0200)]
Fix tls_writer wrap functions

Tobias Brunner [Thu, 14 Apr 2011 16:06:38 +0000 (18:06 +0200)]
pluto: Fixed check for NAT-T keepalives.

Tobias Brunner [Thu, 14 Apr 2011 15:59:53 +0000 (17:59 +0200)]
pluto: Properly initialize constants.

Tobias Brunner [Thu, 14 Apr 2011 15:48:07 +0000 (17:48 +0200)]
pluto: Avoid hiding outer parameter.

Tobias Brunner [Thu, 14 Apr 2011 15:30:07 +0000 (17:30 +0200)]
pluto: Use %zu to print values of type size_t.

Tobias Brunner [Thu, 14 Apr 2011 15:28:08 +0000 (17:28 +0200)]
Use %tx to print a value of type ptrdiff_t.

Tobias Brunner [Thu, 14 Apr 2011 15:25:25 +0000 (17:25 +0200)]
Removed superfluous parameter to printf.

Tobias Brunner [Thu, 14 Apr 2011 13:38:43 +0000 (15:38 +0200)]
Proper cleanup if IDs in ipsec.secrets cannot be parsed.

Tobias Brunner [Thu, 14 Apr 2011 13:32:51 +0000 (15:32 +0200)]
Fixed potential memory leak in host_create_any.

Tobias Brunner [Thu, 14 Apr 2011 13:30:47 +0000 (15:30 +0200)]
pluto: Fixed potential memory leak in atoaddr.

Tobias Brunner [Thu, 14 Apr 2011 13:14:55 +0000 (15:14 +0200)]
Fixed potential memory leak when processing routes from the kernel.

Tobias Brunner [Thu, 14 Apr 2011 13:11:20 +0000 (15:11 +0200)]
Do proper cleanup in error case in pki req.

Tobias Brunner [Thu, 14 Apr 2011 13:09:30 +0000 (15:09 +0200)]
Do proper cleanup in some error cases in pki signcrl.

Tobias Brunner [Thu, 14 Apr 2011 13:01:18 +0000 (15:01 +0200)]
pluto: Fixed potential memory leak when processing requested virtual IPs.

Tobias Brunner [Thu, 14 Apr 2011 12:36:40 +0000 (14:36 +0200)]
pluto: Properly free buffer in error cases in read_packet.

Tobias Brunner [Thu, 14 Apr 2011 11:19:09 +0000 (13:19 +0200)]
Neither rekey nor del can be NULL.

Tobias Brunner [Thu, 14 Apr 2011 09:26:25 +0000 (11:26 +0200)]
In scanf the maximum length of %s does not include the null-terminator.

Tobias Brunner [Thu, 14 Apr 2011 09:25:31 +0000 (11:25 +0200)]
starter_conn_t.id is an unsigned long.

Tobias Brunner [Thu, 14 Apr 2011 08:44:19 +0000 (10:44 +0200)]
Fix compiler warnings at creation of CRL cache filenames.

This was not really a problem because ptr is the first member of a chunk_t
and it contains a null-terminated string at that point.  But it's clearer
this way.

Tobias Brunner [Thu, 14 Apr 2011 08:24:46 +0000 (10:24 +0200)]
Fixed output in ietf_attributes_t.get_string.

Tobias Brunner [Thu, 14 Apr 2011 07:31:26 +0000 (09:31 +0200)]
Fix "set nexthop to him when instantiating rightallowyes template with leftnexthop == right"

This fixes commit 280f6b1ab2.

Andreas Steffen [Thu, 14 Apr 2011 14:54:34 +0000 (16:54 +0200)]
added TLS renegotiation_info extension

Martin Willi [Thu, 14 Apr 2011 07:12:08 +0000 (09:12 +0200)]
Show full blown traffic selector in log_ts hook

Tobias Brunner [Wed, 13 Apr 2011 16:18:03 +0000 (18:18 +0200)]
Fixed check for member of stroke_msg_t in pop_string.

Because of the cast to char** the length of the message was multiplied
by sizeof(char*), i.e. 4 or 8 bytes (depending on the architecture) instead
of by 1 (sizeof(char)).

Tobias Brunner [Tue, 12 Apr 2011 15:39:11 +0000 (17:39 +0200)]
pluto: Properly initialize a.continuation.

Tobias Brunner [Tue, 12 Apr 2011 15:22:50 +0000 (17:22 +0200)]
pluto: Properly initialize ta.encrypter.

Tobias Brunner [Tue, 12 Apr 2011 13:54:29 +0000 (15:54 +0200)]
pluto: Fixed off by one error when reading private keys.

Tobias Brunner [Tue, 12 Apr 2011 12:28:18 +0000 (14:28 +0200)]
Removed unused variables.

Martin Willi [Mon, 11 Apr 2011 16:56:08 +0000 (18:56 +0200)]
Fix compiler warning after fetcher_t.fetch signature change

Andreas Steffen [Mon, 11 Apr 2011 04:24:31 +0000 (06:24 +0200)]
version bump to 4.5.2dr5

Andreas Steffen [Mon, 11 Apr 2011 04:23:52 +0000 (06:23 +0200)]
updated NEWS

Martin Willi [Fri, 8 Apr 2011 12:55:46 +0000 (14:55 +0200)]
Use an IV size of zero for DES in ECB mode

Martin Willi [Fri, 8 Apr 2011 12:55:10 +0000 (14:55 +0200)]
Fixed debug statement if algorithm benchmarking enabled

Andreas Steffen [Fri, 8 Apr 2011 05:50:05 +0000 (07:50 +0200)]
with the 2.6.38 kernel alice is preferred for handling the IKE connections

Duncan Salerno [Thu, 7 Apr 2011 19:41:41 +0000 (21:41 +0200)]
fixed bit mask

Andreas Steffen [Wed, 6 Apr 2011 18:08:56 +0000 (20:08 +0200)]
added EAP-PEAP options to strongswan.conf

Andreas Steffen [Wed, 6 Apr 2011 18:07:59 +0000 (20:07 +0200)]
define MSCHAPv2 as default phase2 algorithm for EAP-PEAP

Andreas Steffen [Wed, 6 Apr 2011 17:44:58 +0000 (19:44 +0200)]
added ikev2/rw-eap-peap-mschapv2 scenario

Andreas Steffen [Wed, 6 Apr 2011 17:44:30 +0000 (19:44 +0200)]
added ikev2/rw-eap-peap-md5 scenario

Andreas Steffen [Wed, 6 Apr 2011 17:42:52 +0000 (19:42 +0200)]
added ikev2/rw-eap-peap-radius scenario

Andreas Steffen [Wed, 6 Apr 2011 17:39:00 +0000 (19:39 +0200)]
allow multi-pass authentication schemes as e.g. MSCHAPv2

Andreas Steffen [Wed, 6 Apr 2011 15:34:27 +0000 (17:34 +0200)]
display EAP identifiers in HEX format

Andreas Steffen [Wed, 6 Apr 2011 15:33:01 +0000 (17:33 +0200)]
no EAP identifier offset required in build() function

Andreas Steffen [Wed, 6 Apr 2011 13:47:49 +0000 (15:47 +0200)]
added missing function pointers in eap_identity_create_server()

Andreas Steffen [Wed, 6 Apr 2011 12:42:02 +0000 (14:42 +0200)]
implemented the PEAP tunneling protocol as an EAP plugin

Andreas Steffen [Wed, 6 Apr 2011 05:50:42 +0000 (07:50 +0200)]
added get|set_identifier() methods to eap_tnc_t

Andreas Steffen [Tue, 5 Apr 2011 18:53:46 +0000 (20:53 +0200)]
added EAP identifier to debug output

Andreas Steffen [Tue, 5 Apr 2011 16:35:22 +0000 (18:35 +0200)]
added get|set_identifier() methods to eap_tls_t and eap_ttls_t

Andreas Steffen [Tue, 5 Apr 2011 16:16:28 +0000 (18:16 +0200)]
added TLS_PURPOSE_EAP_PEAP

Andreas Steffen [Tue, 5 Apr 2011 16:14:58 +0000 (18:14 +0200)]
implemented get|set_identifier() for tls_eap_t

Andreas Steffen [Tue, 5 Apr 2011 16:04:45 +0000 (18:04 +0200)]
eap_packet_t definition moved to libstrongswan/eap/eap.h

Andreas Steffen [Tue, 5 Apr 2011 15:59:49 +0000 (17:59 +0200)]
added EAP PEAP and MSTLV protocols

Andreas Steffen [Tue, 5 Apr 2011 15:01:28 +0000 (17:01 +0200)]
implemented get|set_identifier() for eap_sim_t

Andreas Steffen [Tue, 5 Apr 2011 14:12:38 +0000 (16:12 +0200)]
Migrated eap_sim plugin to INIT/METHOD macros

Andreas Steffen [Tue, 5 Apr 2011 13:57:00 +0000 (15:57 +0200)]
implemented get|set_identifier() for eap_radius_t

Andreas Steffen [Tue, 5 Apr 2011 13:45:51 +0000 (15:45 +0200)]
store EAP identifier on peer side

Andreas Steffen [Tue, 5 Apr 2011 13:38:54 +0000 (15:38 +0200)]
implemented get|set_identifier() for eap_aka_t

Martin Willi [Tue, 5 Apr 2011 13:11:17 +0000 (15:11 +0200)]
Added support for DES_ECB to af-alg, required for eap-mschapv2

Andreas Steffen [Tue, 5 Apr 2011 13:20:22 +0000 (15:20 +0200)]
Migrated eap_aka plugin to INIT/METHOD macros

Andreas Steffen [Tue, 5 Apr 2011 12:47:19 +0000 (14:47 +0200)]
implemented get|set_identifier() for eap_gtc_t

Andreas Steffen [Tue, 5 Apr 2011 12:44:26 +0000 (14:44 +0200)]
Migrated eap_gtc plugin to INIT/METHOD macros

Andreas Steffen [Tue, 5 Apr 2011 12:44:09 +0000 (14:44 +0200)]
implemented get|set_identifier() for eap_mschapv2_t

Andreas Steffen [Tue, 5 Apr 2011 12:23:59 +0000 (14:23 +0200)]
Migrated eap_mschapv2 plugin to INIT/METHOD macros

Andreas Steffen [Tue, 5 Apr 2011 12:22:58 +0000 (14:22 +0200)]
implemented get|set_identifier() for eap_identity_t and eap_md5_t

Andreas Steffen [Tue, 5 Apr 2011 11:57:37 +0000 (13:57 +0200)]
log the EAP identifier also for vendor specific EAP methods

Andreas Steffen [Tue, 5 Apr 2011 11:54:26 +0000 (13:54 +0200)]
log the initial value of the EAP identifier

Andreas Steffen [Tue, 5 Apr 2011 11:31:32 +0000 (13:31 +0200)]
added get_identifier() and set_identifier() methods

Martin Willi [Mon, 4 Apr 2011 07:31:45 +0000 (09:31 +0200)]
Migrated eap_sim_pcsc plugin to INIT/METHOD macros

Martin Willi [Mon, 4 Apr 2011 07:21:54 +0000 (09:21 +0200)]
Slightly reformatted SIM pcsc code

Duncan Salerno [Mon, 4 Apr 2011 06:51:50 +0000 (08:51 +0200)]
Added SIM card backend based on pcsc-lite

Martin Willi [Fri, 1 Apr 2011 09:40:18 +0000 (11:40 +0200)]
Added alloc/stream options to fetcher test utility

Martin Willi [Fri, 1 Apr 2011 09:30:35 +0000 (11:30 +0200)]
Added support for FETCH_CALLBACK to soup fetcher

Martin Willi [Fri, 1 Apr 2011 09:01:42 +0000 (11:01 +0200)]
Support FETCH_CALLBACK in curl fetcher

Martin Willi [Fri, 1 Apr 2011 08:30:42 +0000 (10:30 +0200)]
Added a new FETCH_CALLBACK option to fetch data without allocation

Martin Willi [Fri, 1 Apr 2011 08:26:24 +0000 (10:26 +0200)]
Migrated fetcher_manager to INIT/METHOD macros

Andreas Steffen [Sat, 2 Apr 2011 05:46:16 +0000 (07:46 +0200)]
version bump to 4.5.2dr4

Andreas Steffen [Fri, 1 Apr 2011 17:44:25 +0000 (19:44 +0200)]
updated ikev2/rw-eap-tnc scenarios

Miklos Vajna [Mon, 28 Mar 2011 18:04:00 +0000 (20:04 +0200)]
Install systemd service file if systemd is available

Andreas Steffen [Fri, 25 Mar 2011 11:48:45 +0000 (12:48 +0100)]
log TNC PEP decision with level 0

Martin Willi [Wed, 23 Mar 2011 13:16:13 +0000 (14:16 +0100)]
Increase whitelist message identity buffer to 128 bytes

Martin Willi [Wed, 23 Mar 2011 08:28:40 +0000 (09:28 +0100)]
Fix order of PURGE_* flags to be compatible with STROKE_PURGE_* keywords

Tobias Brunner [Tue, 22 Mar 2011 18:17:51 +0000 (19:17 +0100)]
Make availability of glob(3) optional in settings_t.

If glob(3) is not available just try to open the pattern as a regular
file. The reason for this change is that glob(3) is not available on Android.

Tobias Brunner [Tue, 22 Mar 2011 18:16:19 +0000 (19:16 +0100)]
Make sure that files included in settings_t are regular files.

Tobias Brunner [Tue, 22 Mar 2011 16:37:19 +0000 (17:37 +0100)]
Define PLUGINDIR in Android.mk even though it is currently not used.

The combined plugin loader requires PLUGINDIR to be defined.

Tobias Brunner [Tue, 22 Mar 2011 16:36:23 +0000 (17:36 +0100)]
File lists in Android.mk files updated to those in the Makefiles.