strongswan.git
10 years agoremoved debug output in IMC bind functions
Andreas Steffen [Thu, 11 Nov 2010 06:51:56 +0000 (07:51 +0100)]
removed debug output in IMC bind functions

10 years agoadded get_preferred_language() to tnc_imc
Andreas Steffen [Thu, 11 Nov 2010 06:30:13 +0000 (07:30 +0100)]
added get_preferred_language() to tnc_imc

10 years agocreated dummy have_recommendation() function
Andreas Steffen [Wed, 10 Nov 2010 21:42:36 +0000 (22:42 +0100)]
created dummy have_recommendation() function

10 years agoimplemented mutex locking the batch in construction
Andreas Steffen [Wed, 10 Nov 2010 21:22:27 +0000 (22:22 +0100)]
implemented mutex locking the batch in construction

10 years agofixed received test message
Andreas Steffen [Wed, 10 Nov 2010 21:02:20 +0000 (22:02 +0100)]
fixed received test message

10 years agoimplemented mutex locking the recommendations list
Andreas Steffen [Wed, 10 Nov 2010 20:53:17 +0000 (21:53 +0100)]
implemented mutex locking the recommendations list

10 years agodisplay ID of registered IMCs/IMVs
Andreas Steffen [Wed, 10 Nov 2010 20:30:50 +0000 (21:30 +0100)]
display ID of registered IMCs/IMVs

10 years agoimplemented recommendation storage
Andreas Steffen [Wed, 10 Nov 2010 20:23:10 +0000 (21:23 +0100)]
implemented recommendation storage

10 years agocreated enum names for action recommendations and evaluation results
Andreas Steffen [Wed, 10 Nov 2010 20:22:27 +0000 (21:22 +0100)]
created enum names for action recommendations and evaluation results

10 years agoremoved debug output of tnc_imv_bind_functions
Andreas Steffen [Wed, 10 Nov 2010 20:20:53 +0000 (21:20 +0100)]
removed debug output of tnc_imv_bind_functions

10 years agoDo not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs...
Martin Willi [Wed, 10 Nov 2010 17:34:59 +0000 (18:34 +0100)]
Do not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs as trusted

10 years agoAdd flags for PKCS#11 libraries with reduced feature set
Martin Willi [Wed, 10 Nov 2010 17:16:17 +0000 (18:16 +0100)]
Add flags for PKCS#11 libraries with reduced feature set

10 years agoenforce_recommendation inserts TNC group membership rules for IKE_SA
Andreas Steffen [Wed, 10 Nov 2010 16:59:41 +0000 (17:59 +0100)]
enforce_recommendation inserts TNC group membership rules for IKE_SA

10 years agodefined PB-TNC types
Andreas Steffen [Wed, 10 Nov 2010 14:44:51 +0000 (15:44 +0100)]
defined PB-TNC types

10 years agoappend any previously collection messages to batch
Andreas Steffen [Wed, 10 Nov 2010 14:44:09 +0000 (15:44 +0100)]
append any previously collection messages to batch

10 years agoread IMC/IMV configurations from /etc/tnc_config
Andreas Steffen [Wed, 10 Nov 2010 09:57:01 +0000 (10:57 +0100)]
read IMC/IMV configurations from /etc/tnc_config

10 years agounload the IMCs and IMVs using dlclose()
Andreas Steffen [Tue, 9 Nov 2010 11:45:21 +0000 (12:45 +0100)]
unload the IMCs and IMVs using dlclose()

10 years agoimplemented separate protocol and connection rwlocks
Andreas Steffen [Tue, 9 Nov 2010 11:30:26 +0000 (12:30 +0100)]
implemented separate protocol and connection rwlocks

10 years agoassign provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 22:56:20 +0000 (23:56 +0100)]
assign provide_recommendation callback function

10 years agoimplemented batch_ending() and solicit_recommendation() functions
Andreas Steffen [Mon, 8 Nov 2010 22:13:40 +0000 (23:13 +0100)]
implemented batch_ending() and solicit_recommendation() functions

10 years agoadded get_count() method to IMC/IMV managers
Andreas Steffen [Mon, 8 Nov 2010 21:33:01 +0000 (22:33 +0100)]
added get_count() method to IMC/IMV managers

10 years agoabort if one of the IMCs or IMVs fail to initialize
Andreas Steffen [Mon, 8 Nov 2010 21:21:53 +0000 (22:21 +0100)]
abort if one of the IMCs or IMVs fail to initialize

10 years agoremoved whitespace
Andreas Steffen [Mon, 8 Nov 2010 18:39:16 +0000 (19:39 +0100)]
removed whitespace

10 years agoimplemented provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 18:25:25 +0000 (19:25 +0100)]
implemented provide_recommendation callback function

10 years agoadded imc/imv_manager remove method
Andreas Steffen [Mon, 8 Nov 2010 14:53:50 +0000 (15:53 +0100)]
added imc/imv_manager remove method

10 years agoremoved dependencies from libtnc
Andreas Steffen [Mon, 8 Nov 2010 10:41:14 +0000 (11:41 +0100)]
removed dependencies from libtnc

10 years agoinsert IMV/IMC before providing BindFunction
Andreas Steffen [Sun, 7 Nov 2010 23:29:44 +0000 (00:29 +0100)]
insert IMV/IMC before providing BindFunction

10 years agotnc_imc/tnc_imv cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:16:52 +0000 (12:16 +0100)]
tnc_imc/tnc_imv cosmetics

10 years agotnccs header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:03:26 +0000 (12:03 +0100)]
tnccs header cosmetics

10 years agoimv/imc header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 10:56:56 +0000 (11:56 +0100)]
imv/imc header cosmetics

10 years agoimplemented receive_message() function
Andreas Steffen [Sun, 7 Nov 2010 00:17:21 +0000 (01:17 +0100)]
implemented receive_message() function

10 years agosupport of reportMessageTypes() function
Andreas Steffen [Sat, 6 Nov 2010 22:01:59 +0000 (23:01 +0100)]
support of reportMessageTypes() function

10 years agomoved TNCCS callback functions into bind_function.c
Andreas Steffen [Sat, 6 Nov 2010 19:38:59 +0000 (20:38 +0100)]
moved TNCCS callback functions into bind_function.c

10 years agoimplemented send_message() callback function
Andreas Steffen [Sat, 6 Nov 2010 19:13:41 +0000 (20:13 +0100)]
implemented send_message() callback function

10 years agoimplement IMC and IMV manager classes
Andreas Steffen [Fri, 5 Nov 2010 23:54:10 +0000 (00:54 +0100)]
implement IMC and IMV manager classes

10 years agocheck if optional terminate() function exists
Andreas Steffen [Thu, 4 Nov 2010 22:59:31 +0000 (23:59 +0100)]
check if optional terminate() function exists

10 years agoadded connection management to TNCCS manager
Andreas Steffen [Thu, 4 Nov 2010 22:56:16 +0000 (23:56 +0100)]
added connection management to TNCCS manager

10 years agoselect TNCCS protocol via charon.plugins.eap-tnc.protocol
Andreas Steffen [Thu, 4 Nov 2010 21:08:47 +0000 (22:08 +0100)]
select TNCCS protocol via charon.plugins.eap-tnc.protocol

10 years agochanged ACL properties of header files
Andreas Steffen [Thu, 4 Nov 2010 18:42:08 +0000 (19:42 +0100)]
changed ACL properties of header files

10 years agocleaned up whitespace
Andreas Steffen [Thu, 4 Nov 2010 15:19:39 +0000 (16:19 +0100)]
cleaned up whitespace

10 years agoimplemented IMC/IMV handler
Andreas Steffen [Thu, 4 Nov 2010 13:56:34 +0000 (14:56 +0100)]
implemented IMC/IMV handler

10 years agofixed memory leak in EAP-TTLS piggy-back mode
Andreas Steffen [Tue, 9 Nov 2010 19:35:53 +0000 (20:35 +0100)]
fixed memory leak in EAP-TTLS piggy-back mode

10 years agoAdded a stroke rekey command to trigger IKE/CHILD_SA rekeying manually
Martin Willi [Wed, 3 Nov 2010 14:12:05 +0000 (15:12 +0100)]
Added a stroke rekey command to trigger IKE/CHILD_SA rekeying manually

10 years agotwo fixes in tnccs_11
Andreas Steffen [Tue, 2 Nov 2010 09:46:30 +0000 (10:46 +0100)]
two fixes in tnccs_11

10 years agoRemoved signing artifact.
Tobias Brunner [Tue, 2 Nov 2010 08:30:09 +0000 (09:30 +0100)]
Removed signing artifact.

10 years agoremoved strongswan-4.5.0.tar.bz2.bak
Andreas Steffen [Mon, 1 Nov 2010 19:40:38 +0000 (20:40 +0100)]
removed strongswan-4.5.0.tar.bz2.bak

10 years agomoved tnccs-20 plugin in front of tnc-imv and intc-imc
Andreas Steffen [Mon, 1 Nov 2010 17:54:43 +0000 (18:54 +0100)]
moved tnccs-20 plugin in front of tnc-imv and intc-imc

10 years agoversion bump to 4.5.1
Andreas Steffen [Fri, 29 Oct 2010 07:30:57 +0000 (09:30 +0200)]
version bump to 4.5.1

10 years agoversion bump to 4.5.0 4.5.0
Andreas Steffen [Thu, 28 Oct 2010 18:23:59 +0000 (20:23 +0200)]
version bump to 4.5.0

10 years agocompleted NEWS for the 4.5.0 release
Andreas Steffen [Thu, 28 Oct 2010 18:23:22 +0000 (20:23 +0200)]
completed NEWS for the 4.5.0 release

10 years agoStore proposal number in proposal_t to reuse it in the selected proposal
Martin Willi [Thu, 28 Oct 2010 12:40:54 +0000 (14:40 +0200)]
Store proposal number in proposal_t to reuse it in the selected proposal

According to RFC 5996 3.3.1, we MUST reuse the proposal number of
the selected proposal in the SA payload reply.

10 years agoMigrated proposal_t to INIT/METHOD macros
Martin Willi [Thu, 28 Oct 2010 12:33:03 +0000 (14:33 +0200)]
Migrated proposal_t to INIT/METHOD macros

10 years agoMigrated proposal_substructure to INIT/METHOD macros, removed unused methods
Martin Willi [Thu, 28 Oct 2010 12:21:44 +0000 (14:21 +0200)]
Migrated proposal_substructure to INIT/METHOD macros, removed unused methods

10 years agoMigrated sa_payload to INIT/METHOD macros, removed unused methods
Martin Willi [Thu, 28 Oct 2010 12:21:02 +0000 (14:21 +0200)]
Migrated sa_payload to INIT/METHOD macros, removed unused methods

10 years agoRenamed mem_cred_t clear function internally to clear_, fixes potential name conflict
Martin Willi [Thu, 21 Oct 2010 14:35:01 +0000 (16:35 +0200)]
Renamed mem_cred_t clear function internally to clear_, fixes potential name conflict

10 years agopluto: Fixed a regression introduced in f565d0c575.
Tobias Brunner [Fri, 22 Oct 2010 09:34:11 +0000 (11:34 +0200)]
pluto: Fixed a regression introduced in f565d0c575.

Since scx_add could return a previously created smartcard object, using
sc->last_cert to store the newly added certificate could lead to segfaults.

10 years agopluto: Locking fixed in cert_add.
Tobias Brunner [Fri, 22 Oct 2010 09:05:10 +0000 (11:05 +0200)]
pluto: Locking fixed in cert_add.

10 years agopayloads are not aligned to 4 byte boundaries
Andreas Steffen [Mon, 25 Oct 2010 17:31:07 +0000 (19:31 +0200)]
payloads are not aligned to 4 byte boundaries

10 years agoversion bump to 4.5.0rc3
Andreas Steffen [Mon, 25 Oct 2010 16:20:30 +0000 (18:20 +0200)]
version bump to 4.5.0rc3

10 years agofixed 64 bit printf() issue
Andreas Steffen [Sun, 24 Oct 2010 18:30:19 +0000 (20:30 +0200)]
fixed 64 bit printf() issue

10 years agoUpdated Android.mk to latest Makefile.am.
Tobias Brunner [Thu, 21 Oct 2010 13:02:32 +0000 (15:02 +0200)]
Updated Android.mk to latest Makefile.am.

10 years agoAdded missing include for RAND_seed and RAND_status.
Tobias Brunner [Thu, 21 Oct 2010 12:16:09 +0000 (14:16 +0200)]
Added missing include for RAND_seed and RAND_status.

10 years agoSet ownership of all HA ClusterIP control files
Martin Willi [Wed, 20 Oct 2010 10:30:22 +0000 (12:30 +0200)]
Set ownership of all HA ClusterIP control files

10 years agoSet ownership/permissions of HA control socket
Martin Willi [Wed, 20 Oct 2010 10:29:45 +0000 (12:29 +0200)]
Set ownership/permissions of HA control socket

10 years agoChanged some minor stuff in ipsec.conf(5) man page.
Tobias Brunner [Tue, 19 Oct 2010 15:17:15 +0000 (17:17 +0200)]
Changed some minor stuff in ipsec.conf(5) man page.

Also added some "links" to strongswan.conf(5).

10 years agoAdded accepted values to all options in ipsec.conf(5) man page.
Tobias Brunner [Tue, 19 Oct 2010 15:16:07 +0000 (17:16 +0200)]
Added accepted values to all options in ipsec.conf(5) man page.

10 years agoRemoved unsupported options from ipsec.conf(5) man page.
Tobias Brunner [Tue, 19 Oct 2010 15:06:57 +0000 (17:06 +0200)]
Removed unsupported options from ipsec.conf(5) man page.

10 years agoFixed SEE ALSO references in main man pages.
Tobias Brunner [Tue, 19 Oct 2010 08:52:01 +0000 (10:52 +0200)]
Fixed SEE ALSO references in main man pages.

10 years agoAdded notes about expiry and rekey to ipsec.conf(5) man page.
Tobias Brunner [Tue, 19 Oct 2010 08:44:43 +0000 (10:44 +0200)]
Added notes about expiry and rekey to ipsec.conf(5) man page.

10 years agoPrefer the 'server identifier' attribute address to send DHCP requests to
Martin Willi [Mon, 18 Oct 2010 10:31:48 +0000 (12:31 +0200)]
Prefer the 'server identifier' attribute address to send DHCP requests to

10 years agoversion bump to 4.5.0rc2
Andreas Steffen [Sat, 16 Oct 2010 18:47:38 +0000 (20:47 +0200)]
version bump to 4.5.0rc2

10 years agodefine state_story for STATE_UNDEFINED
Andreas Steffen [Sat, 16 Oct 2010 14:15:10 +0000 (16:15 +0200)]
define state_story for STATE_UNDEFINED

10 years agoAdded some NEWS about Maemo, MOBIKE and the kernel interfaces.
Tobias Brunner [Fri, 15 Oct 2010 16:17:09 +0000 (18:17 +0200)]
Added some NEWS about Maemo, MOBIKE and the kernel interfaces.

10 years agoSome Doxygen fixes.
Tobias Brunner [Fri, 15 Oct 2010 16:14:48 +0000 (18:14 +0200)]
Some Doxygen fixes.

10 years agoMissed one unneeded destructor.
Tobias Brunner [Fri, 15 Oct 2010 15:33:57 +0000 (17:33 +0200)]
Missed one unneeded destructor.

10 years agoDeferred instantiation of socket implmentations until registration.
Tobias Brunner [Fri, 15 Oct 2010 15:24:23 +0000 (17:24 +0200)]
Deferred instantiation of socket implmentations until registration.

Instantiating the implementations on plugin load was problematic
in case multiple socket plugins were loaded. Now, the first one
registered is instantiated.

10 years agofix segfault when reading certificate from smartcard
Egbert Koening [Fri, 15 Oct 2010 09:09:24 +0000 (11:09 +0200)]
fix segfault when reading certificate from smartcard

10 years agoAdded some generated files to .gitignore.
Tobias Brunner [Fri, 15 Oct 2010 08:23:32 +0000 (10:23 +0200)]
Added some generated files to .gitignore.

10 years agoAdded NEWS about multiple RADIUS servers, LED plugin
Martin Willi [Fri, 15 Oct 2010 08:13:35 +0000 (10:13 +0200)]
Added NEWS about multiple RADIUS servers, LED plugin

10 years agoFixed IKEv2 RFC number in NEWS
Martin Willi [Fri, 15 Oct 2010 08:00:55 +0000 (10:00 +0200)]
Fixed IKEv2 RFC number in NEWS

10 years agoIKEv2 is now the default key exchange protocol
Andreas Steffen [Thu, 14 Oct 2010 19:28:05 +0000 (21:28 +0200)]
IKEv2 is now the default key exchange protocol

10 years agoadded TNC support to NEWS
Andreas Steffen [Thu, 14 Oct 2010 19:20:27 +0000 (21:20 +0200)]
added TNC support to NEWS

10 years agodo not send certificate requests in EAP-ONLY scenarios
Andreas Steffen [Thu, 14 Oct 2010 19:10:03 +0000 (21:10 +0200)]
do not send certificate requests in EAP-ONLY scenarios

10 years agosuport certificate-based client authentication with EAP-TTLS
Andreas Steffen [Thu, 14 Oct 2010 19:00:26 +0000 (21:00 +0200)]
suport certificate-based client authentication with EAP-TTLS

10 years agoadded ikev2/rw-eap-tnc-ls scenario
Andreas Steffen [Thu, 14 Oct 2010 18:55:21 +0000 (20:55 +0200)]
added ikev2/rw-eap-tnc-ls scenario

10 years agoMoved sources of the NetworkManager plugin to src/frontends.
Tobias Brunner [Thu, 14 Oct 2010 15:45:19 +0000 (17:45 +0200)]
Moved sources of the NetworkManager plugin to src/frontends.

10 years agoMaemo: Added a basic debian package for charon.
Tobias Brunner [Thu, 14 Oct 2010 15:33:42 +0000 (17:33 +0200)]
Maemo: Added a basic debian package for charon.

10 years agoAvoid recursive loop if no socket implementations are loaded.
Tobias Brunner [Thu, 14 Oct 2010 15:10:13 +0000 (17:10 +0200)]
Avoid recursive loop if no socket implementations are loaded.

10 years agoMaemo: Added a widget to "unselect" a certificate.
Tobias Brunner [Thu, 14 Oct 2010 15:01:08 +0000 (17:01 +0200)]
Maemo: Added a widget to "unselect" a certificate.

10 years agoAvoid duplicate certificates in mem_cred_t.
Tobias Brunner [Thu, 14 Oct 2010 13:25:57 +0000 (15:25 +0200)]
Avoid duplicate certificates in mem_cred_t.

10 years agoMaemo: Load CA certificates from system directories.
Tobias Brunner [Thu, 14 Oct 2010 13:00:19 +0000 (15:00 +0200)]
Maemo: Load CA certificates from system directories.

10 years agoMaemo: OK is default response in password dialog.
Tobias Brunner [Thu, 30 Sep 2010 13:22:59 +0000 (15:22 +0200)]
Maemo: OK is default response in password dialog.

10 years agoMaemo: Handle status changes from charon.
Tobias Brunner [Thu, 30 Sep 2010 11:50:28 +0000 (13:50 +0200)]
Maemo: Handle status changes from charon.

Use synchronous invocation for "Connect" again.

10 years agoMaemo: Track the status of the current SA and send changes to the frontend.
Tobias Brunner [Thu, 30 Sep 2010 11:46:50 +0000 (13:46 +0200)]
Maemo: Track the status of the current SA and send changes to the frontend.

10 years agoMaemo: Properly unregister the RPC callbacks.
Tobias Brunner [Thu, 30 Sep 2010 11:43:58 +0000 (13:43 +0200)]
Maemo: Properly unregister the RPC callbacks.

10 years agoMaemo: Plugin implements the listener_t interface.
Tobias Brunner [Fri, 24 Sep 2010 14:45:33 +0000 (16:45 +0200)]
Maemo: Plugin implements the listener_t interface.

10 years agoMaemo: Extracted most plugin code to a separate class, so we can use that as listener.
Tobias Brunner [Fri, 24 Sep 2010 14:37:18 +0000 (16:37 +0200)]
Maemo: Extracted most plugin code to a separate class, so we can use that as listener.

10 years agoMaemo: Initiate consumes a child_sa reference, so get an additional one.
Tobias Brunner [Fri, 24 Sep 2010 14:27:02 +0000 (16:27 +0200)]
Maemo: Initiate consumes a child_sa reference, so get an additional one.

10 years agoMaemo: Basic functionality added to notify the applet about status updates.
Tobias Brunner [Fri, 24 Sep 2010 14:15:04 +0000 (16:15 +0200)]
Maemo: Basic functionality added to notify the applet about status updates.

10 years agoMaemo: Clear the credentials before each connection attempt.
Tobias Brunner [Fri, 24 Sep 2010 12:37:11 +0000 (14:37 +0200)]
Maemo: Clear the credentials before each connection attempt.