strongswan.git
9 years agoAdded IKE config option to fake NAT situations
Martin Willi [Tue, 23 Nov 2010 09:43:48 +0000 (10:43 +0100)]
Added IKE config option to fake NAT situations

9 years agoShow SPI in proposal logging hook
Martin Willi [Tue, 23 Nov 2010 09:12:32 +0000 (10:12 +0100)]
Show SPI in proposal logging hook

9 years agoImplemented a hook to inject custom proposals
Martin Willi [Tue, 23 Nov 2010 09:01:42 +0000 (10:01 +0100)]
Implemented a hook to inject custom proposals

9 years agoFixed error reporting
Martin Willi [Tue, 23 Nov 2010 09:01:23 +0000 (10:01 +0100)]
Fixed error reporting

9 years agoRemove unused variable
Martin Willi [Tue, 23 Nov 2010 07:42:57 +0000 (08:42 +0100)]
Remove unused variable

9 years agoAdded hook to log ID payload type and data
Martin Willi [Mon, 15 Nov 2010 13:56:34 +0000 (14:56 +0100)]
Added hook to log ID payload type and data

9 years agoAdded hook to log received KE group
Martin Willi [Mon, 15 Nov 2010 13:47:06 +0000 (14:47 +0100)]
Added hook to log received KE group

9 years agoAdded a hook to modify proposal numbers
Martin Willi [Mon, 15 Nov 2010 13:37:02 +0000 (14:37 +0100)]
Added a hook to modify proposal numbers

9 years agoAdded a hook to print received proposals, including number
Martin Willi [Mon, 15 Nov 2010 13:07:17 +0000 (14:07 +0100)]
Added a hook to print received proposals, including number

9 years agoAdded a hook to alter the payload length field of arbitrary payloads
Martin Willi [Mon, 15 Nov 2010 10:54:35 +0000 (11:54 +0100)]
Added a hook to alter the payload length field of arbitrary payloads

9 years agoDo not update payload length during generation, allows hooks override payload length
Martin Willi [Mon, 15 Nov 2010 10:53:20 +0000 (11:53 +0100)]
Do not update payload length during generation, allows hooks override payload length

9 years agoDo not recalculate payload header length after generation, payloads do length calculation
Martin Willi [Mon, 15 Nov 2010 10:52:30 +0000 (11:52 +0100)]
Do not recalculate payload header length after generation, payloads do length calculation

9 years agoSupport loading of certificate revocation lists
Martin Willi [Fri, 12 Nov 2010 15:10:00 +0000 (16:10 +0100)]
Support loading of certificate revocation lists

9 years agoImplemented a hook that recreates a valid incoming IKE_AUTH response, even if AUTH_FAILED
Martin Willi [Fri, 12 Nov 2010 14:40:29 +0000 (15:40 +0100)]
Implemented a hook that recreates a valid incoming IKE_AUTH response, even if AUTH_FAILED

9 years agoApply IKE major/minor version set on message to IKE header
Martin Willi [Thu, 11 Nov 2010 15:37:26 +0000 (16:37 +0100)]
Apply IKE major/minor version set on message to IKE header

9 years agoAdded setters for IKE major/minor version to ike_header
Martin Willi [Thu, 11 Nov 2010 15:35:35 +0000 (16:35 +0100)]
Added setters for IKE major/minor version to ike_header

9 years agoMigrated ike_header_t to INIT/METHOD macros
Martin Willi [Thu, 11 Nov 2010 15:32:57 +0000 (16:32 +0100)]
Migrated ike_header_t to INIT/METHOD macros

9 years agoAdded hook to set arbitrary IKE major/minor versions in message headers
Martin Willi [Thu, 11 Nov 2010 15:12:58 +0000 (16:12 +0100)]
Added hook to set arbitrary IKE major/minor versions in message headers

9 years agoPrefer test specific over suite specific configuration
Martin Willi [Thu, 11 Nov 2010 14:52:32 +0000 (15:52 +0100)]
Prefer test specific over suite specific configuration

9 years agoAdded a force_hookie hook that requests a COOKIE independent of our COOKIE mechanism
Martin Willi [Thu, 11 Nov 2010 14:38:52 +0000 (15:38 +0100)]
Added a force_hookie hook that requests a COOKIE independent of our COOKIE mechanism

9 years agoThe add_payload hook supports replacing existing payloads of the same type
Martin Willi [Wed, 10 Nov 2010 16:41:51 +0000 (17:41 +0100)]
The add_payload hook supports replacing existing payloads of the same type

9 years agoFix insertion of non hex encoded payload data
Martin Willi [Wed, 10 Nov 2010 16:41:23 +0000 (17:41 +0100)]
Fix insertion of non hex encoded payload data

9 years agoFixed length calculation of unknown payload
Martin Willi [Wed, 10 Nov 2010 16:40:43 +0000 (17:40 +0100)]
Fixed length calculation of unknown payload

9 years agoAdded a hook to set the critical bit on arbitrary payloads
Martin Willi [Wed, 10 Nov 2010 16:23:57 +0000 (17:23 +0100)]
Added a hook to set the critical bit on arbitrary payloads

9 years agoMove critical bit checking to ike_sa, notify payload includes unsupported payload...
Martin Willi [Wed, 10 Nov 2010 15:47:56 +0000 (16:47 +0100)]
Move critical bit checking to ike_sa, notify payload includes unsupported payload type

9 years agoHandle all error notifies in CREATE_CHILD_SA exchanges
Martin Willi [Wed, 10 Nov 2010 15:30:25 +0000 (16:30 +0100)]
Handle all error notifies in CREATE_CHILD_SA exchanges

9 years agoSupport encoding of UKNOWN_DATA
Martin Willi [Wed, 10 Nov 2010 15:29:59 +0000 (16:29 +0100)]
Support encoding of UKNOWN_DATA

9 years agoMoved our substructure identifiers above 255, ignore private payloads properly
Martin Willi [Wed, 10 Nov 2010 14:41:46 +0000 (15:41 +0100)]
Moved our substructure identifiers above 255, ignore private payloads properly

9 years agoCheck for exceeded payload count even if we have a found one flagged as sufficient
Martin Willi [Wed, 10 Nov 2010 14:34:38 +0000 (15:34 +0100)]
Check for exceeded payload count even if we have a found one flagged as sufficient

9 years agoAdded a hook to inject custom payloads with critical bit
Martin Willi [Wed, 10 Nov 2010 13:26:03 +0000 (14:26 +0100)]
Added a hook to inject custom payloads with critical bit

9 years agoAdded a constructor for custom uknown payloads
Martin Willi [Wed, 10 Nov 2010 13:21:23 +0000 (14:21 +0100)]
Added a constructor for custom uknown payloads

9 years agoUse the payloads actual type in unknown_payload_t
Martin Willi [Wed, 10 Nov 2010 13:17:03 +0000 (14:17 +0100)]
Use the payloads actual type in unknown_payload_t

9 years agoMigrated unknown payload to INIT/METHOD macros
Martin Willi [Wed, 10 Nov 2010 12:56:18 +0000 (13:56 +0100)]
Migrated unknown payload to INIT/METHOD macros

9 years agoAdded a short README about the conftest utility
Martin Willi [Tue, 9 Nov 2010 14:37:41 +0000 (15:37 +0100)]
Added a short README about the conftest utility

9 years agoSpecify the type of the certificate to load, currently X509 only
Martin Willi [Tue, 9 Nov 2010 13:19:59 +0000 (14:19 +0100)]
Specify the type of the certificate to load, currently X509 only

9 years agoBe a little more verbose about cert payload injection
Martin Willi [Tue, 9 Nov 2010 11:05:30 +0000 (12:05 +0100)]
Be a little more verbose about cert payload injection

9 years agoSupport hook suffixes to use the same hook multiple times
Martin Willi [Tue, 9 Nov 2010 10:17:20 +0000 (11:17 +0100)]
Support hook suffixes to use the same hook multiple times

9 years agoSupport arbitrary suffixes for actions, same action multiple times
Martin Willi [Tue, 9 Nov 2010 10:07:37 +0000 (11:07 +0100)]
Support arbitrary suffixes for actions, same action multiple times

9 years agoAdded a hook to ignore specific messages
Martin Willi [Tue, 9 Nov 2010 09:19:56 +0000 (10:19 +0100)]
Added a hook to ignore specific messages

9 years agoIngore messages with exchange type altered to UNDEFINED in message() hook
Martin Willi [Tue, 9 Nov 2010 09:19:09 +0000 (10:19 +0100)]
Ingore messages with exchange type altered to UNDEFINED in message() hook

9 years agoAdded a hook to send unencrypted notifies in established IKE_SAs
Martin Willi [Tue, 9 Nov 2010 08:59:56 +0000 (09:59 +0100)]
Added a hook to send unencrypted notifies in established IKE_SAs

9 years agoFail silently without INVALID_SYNTAX if message not verified
Martin Willi [Tue, 9 Nov 2010 08:55:20 +0000 (09:55 +0100)]
Fail silently without INVALID_SYNTAX if message not verified

9 years agoInclude suiteb test suite config in distribution
Martin Willi [Mon, 8 Nov 2010 15:45:48 +0000 (16:45 +0100)]
Include suiteb test suite config in distribution

9 years agoFixed loading of credentials using a relative path
Martin Willi [Tue, 2 Nov 2010 15:12:29 +0000 (16:12 +0100)]
Fixed loading of credentials using a relative path

9 years agoImplemented a add_notify hook to inject arbitrary Notify payloads
Martin Willi [Tue, 2 Nov 2010 14:51:56 +0000 (15:51 +0100)]
Implemented a add_notify hook to inject arbitrary Notify payloads

9 years agoMoved message()-hook invocation to generate_message(), catch pre-generated IKE_SA_INI...
Martin Willi [Tue, 2 Nov 2010 14:49:09 +0000 (15:49 +0100)]
Moved message()-hook invocation to generate_message(), catch pre-generated IKE_SA_INITs, too

9 years agoImplemented a hook to unsort payloads in messages
Martin Willi [Tue, 2 Nov 2010 13:55:18 +0000 (14:55 +0100)]
Implemented a hook to unsort payloads in messages

9 years agoSupport removal of payloads from messages
Martin Willi [Tue, 2 Nov 2010 13:30:45 +0000 (14:30 +0100)]
Support removal of payloads from messages

9 years agoAdded a message_t option to disable automatic payload sorting
Martin Willi [Tue, 2 Nov 2010 13:21:38 +0000 (14:21 +0100)]
Added a message_t option to disable automatic payload sorting

9 years agoAdded a fist hook to fill up IKE_AUTH messages with dummy certificates (1.1.1/1.2.1)
Martin Willi [Tue, 2 Nov 2010 11:14:03 +0000 (12:14 +0100)]
Added a fist hook to fill up IKE_AUTH messages with dummy certificates (1.1.1/1.2.1)

9 years agoImplemented cert payload constructor for custom encoding types
Martin Willi [Tue, 2 Nov 2010 11:13:03 +0000 (12:13 +0100)]
Implemented cert payload constructor for custom encoding types

9 years agoFix segfault if config not found
Martin Willi [Tue, 2 Nov 2010 11:12:42 +0000 (12:12 +0100)]
Fix segfault if config not found

9 years agoRead actions from test config, delayed execution
Martin Willi [Fri, 29 Oct 2010 13:45:58 +0000 (15:45 +0200)]
Read actions from test config, delayed execution

9 years agoSupport manually triggerd DPD check, even if DPD disabled in config
Martin Willi [Fri, 29 Oct 2010 13:36:19 +0000 (15:36 +0200)]
Support manually triggerd DPD check, even if DPD disabled in config

9 years agoLoad private keys from suite and test configs
Martin Willi [Fri, 29 Oct 2010 09:55:19 +0000 (11:55 +0200)]
Load private keys from suite and test configs

9 years agoLoad certificates from both, suite and test config
Martin Willi [Fri, 29 Oct 2010 09:47:25 +0000 (11:47 +0200)]
Load certificates from both, suite and test config

9 years agoLoad test and suite specific connection configurations
Martin Willi [Fri, 29 Oct 2010 08:34:08 +0000 (10:34 +0200)]
Load test and suite specific connection configurations

9 years agoLoad hooks based on listener dynamically
Martin Willi [Tue, 26 Oct 2010 08:51:28 +0000 (10:51 +0200)]
Load hooks based on listener dynamically

9 years agoLoad certificates from global suite configuration file
Martin Willi [Thu, 21 Oct 2010 14:36:40 +0000 (16:36 +0200)]
Load certificates from global suite configuration file

9 years agoAdded a Suite B conftest utility skeleton using libcharon
Martin Willi [Tue, 19 Oct 2010 12:42:47 +0000 (14:42 +0200)]
Added a Suite B conftest utility skeleton using libcharon

9 years agoAdded a CIDR notation based host constructor
Martin Willi [Fri, 29 Oct 2010 07:54:15 +0000 (09:54 +0200)]
Added a CIDR notation based host constructor

9 years agoMoved logger initialization from libcharon to charon
Martin Willi [Fri, 29 Oct 2010 07:39:19 +0000 (09:39 +0200)]
Moved logger initialization from libcharon to charon

9 years agoremoved superfluous s
Andreas Steffen [Wed, 5 Jan 2011 03:09:19 +0000 (04:09 +0100)]
removed superfluous s

9 years agoremove private_
Andreas Steffen [Wed, 5 Jan 2011 02:44:57 +0000 (03:44 +0100)]
remove private_

9 years agoremove private_
Andreas Steffen [Wed, 5 Jan 2011 02:44:28 +0000 (03:44 +0100)]
remove private_

9 years agocosmetics in debug output
Andreas Steffen [Wed, 5 Jan 2011 01:44:27 +0000 (02:44 +0100)]
cosmetics in debug output

9 years agodetect fragmentation of PB-TNC batch
Andreas Steffen [Wed, 5 Jan 2011 01:41:36 +0000 (02:41 +0100)]
detect fragmentation of PB-TNC batch

9 years agofixed typo
Andreas Steffen [Sun, 2 Jan 2011 05:52:32 +0000 (06:52 +0100)]
fixed typo

9 years agoreplaced spaces by tabs
Andreas Steffen [Thu, 30 Dec 2010 02:45:08 +0000 (03:45 +0100)]
replaced spaces by tabs

9 years agoversion bump to 4.5.1dr5
Andreas Steffen [Mon, 27 Dec 2010 12:49:32 +0000 (13:49 +0100)]
version bump to 4.5.1dr5

9 years agocommas are required
Andreas Steffen [Mon, 27 Dec 2010 07:26:29 +0000 (08:26 +0100)]
commas are required

9 years agoadded Sansar Choinambuu to copryright.c
Andreas Steffen [Mon, 27 Dec 2010 07:24:01 +0000 (08:24 +0100)]
added Sansar Choinambuu to copryright.c

9 years agounset RADIUSHOSTS after before loading new scenario
Andreas Steffen [Mon, 27 Dec 2010 05:26:17 +0000 (06:26 +0100)]
unset RADIUSHOSTS after before loading new scenario

9 years agoadded missing tfc argument to kernel_pfkey_ipsec interface
Andreas Steffen [Mon, 27 Dec 2010 04:53:36 +0000 (05:53 +0100)]
added missing tfc argument to kernel_pfkey_ipsec interface

9 years agoset tfcv3 flag TRUE in ha_dispatcher
Andreas Steffen [Sun, 26 Dec 2010 22:10:57 +0000 (23:10 +0100)]
set tfcv3 flag TRUE in ha_dispatcher

9 years agoimplemented wrap around of registered IKEv1 algorithm names
Andreas Steffen [Sun, 26 Dec 2010 16:11:02 +0000 (17:11 +0100)]
implemented wrap around of registered IKEv1 algorithm names

9 years agodisable AEAD crypto algorithm if no key size is supported
Andreas Steffen [Sat, 25 Dec 2010 15:14:55 +0000 (16:14 +0100)]
disable AEAD crypto algorithm if no key size is supported

9 years agodisable crypto algorithm if no key size is supported
Andreas Steffen [Sat, 25 Dec 2010 15:11:50 +0000 (16:11 +0100)]
disable crypto algorithm if no key size is supported

9 years agolog if an AEAD algorithm does not support a given key size
Andreas Steffen [Sat, 25 Dec 2010 14:53:15 +0000 (15:53 +0100)]
log if an AEAD algorithm does not support a given key size

9 years agolog if a crypto algorithm does not support a given key size
Andreas Steffen [Sat, 25 Dec 2010 14:49:29 +0000 (15:49 +0100)]
log if a crypto algorithm does not support a given key size

9 years agowrap list of IKEv2 algorithms after 120 characters per line
Andreas Steffen [Fri, 24 Dec 2010 16:29:51 +0000 (17:29 +0100)]
wrap list of IKEv2 algorithms after 120 characters per line

9 years agoMigrated stroke_list_t to INIT/METHOD macros
Andreas Steffen [Fri, 24 Dec 2010 13:29:09 +0000 (14:29 +0100)]
Migrated stroke_list_t to INIT/METHOD macros

9 years agoprinted plugin names have a hyphen
Andreas Steffen [Fri, 24 Dec 2010 04:53:27 +0000 (05:53 +0100)]
printed plugin names have a hyphen

9 years agoFixed public key construction from PKCS#11 private key
Martin Willi [Thu, 23 Dec 2010 09:29:01 +0000 (10:29 +0100)]
Fixed public key construction from PKCS#11 private key

9 years agoeliminated whitespace
Andreas Steffen [Tue, 21 Dec 2010 16:51:27 +0000 (17:51 +0100)]
eliminated whitespace

9 years agoMigrated child_create_t to INIT/METHOD macros
Andreas Steffen [Tue, 21 Dec 2010 16:45:10 +0000 (17:45 +0100)]
Migrated child_create_t to INIT/METHOD macros

9 years agoAdded NEWS for af-alg plugin
Martin Willi [Mon, 20 Dec 2010 09:22:14 +0000 (10:22 +0100)]
Added NEWS for af-alg plugin

9 years agoProbe for supported AF_ALG algorithms, register dynamically
Martin Willi [Mon, 8 Nov 2010 13:56:23 +0000 (14:56 +0100)]
Probe for supported AF_ALG algorithms, register dynamically

9 years agoRegister algorithms with dependencies only if dependency available
Martin Willi [Mon, 8 Nov 2010 13:20:15 +0000 (14:20 +0100)]
Register algorithms with dependencies only if dependency available

9 years agoRegister some less common AF_ALG ciphers (cast5, serpent, twofish, blowfish)
Martin Willi [Mon, 8 Nov 2010 10:58:01 +0000 (11:58 +0100)]
Register some less common AF_ALG ciphers (cast5, serpent, twofish, blowfish)

9 years agoImplemented PRFs using AF_ALG
Martin Willi [Mon, 8 Nov 2010 10:41:01 +0000 (11:41 +0100)]
Implemented PRFs using AF_ALG

9 years agoUse the AF_ALG wrapper in hasher, crypter and signer
Martin Willi [Mon, 8 Nov 2010 10:02:35 +0000 (10:02 +0000)]
Use the AF_ALG wrapper in hasher, crypter and signer

9 years agoUse a generic AF_ALG wrapper for common operations
Martin Willi [Mon, 8 Nov 2010 09:59:54 +0000 (10:59 +0100)]
Use a generic AF_ALG wrapper for common operations

9 years agoImplemented crypter on top of AF_ALG
Martin Willi [Sat, 6 Nov 2010 10:03:12 +0000 (11:03 +0100)]
Implemented crypter on top of AF_ALG

9 years agoImplemented signer interface using AF_ALG
Martin Willi [Fri, 5 Nov 2010 20:29:43 +0000 (21:29 +0100)]
Implemented signer interface using AF_ALG

9 years agoImplemented hasher based on AF_ALG
Martin Willi [Fri, 5 Nov 2010 15:55:53 +0000 (15:55 +0000)]
Implemented hasher based on AF_ALG

9 years agoAdded Linux AF_ALG header
Martin Willi [Fri, 5 Nov 2010 15:15:51 +0000 (16:15 +0100)]
Added Linux AF_ALG header

9 years agoAdded plugin stub for AF_ALG
Martin Willi [Fri, 5 Nov 2010 15:15:13 +0000 (16:15 +0100)]
Added plugin stub for AF_ALG

9 years agoAdded NEWS about TFC padding
Martin Willi [Mon, 20 Dec 2010 08:51:33 +0000 (09:51 +0100)]
Added NEWS about TFC padding

9 years agoAdded a tfc ipsec.conf keyword to control Traffic Flow Confidentiality
Martin Willi [Tue, 30 Nov 2010 18:19:56 +0000 (19:19 +0100)]
Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality