strongswan.git
10 years agoMigrated sha1_hasher to INIT/METHOD macros
Andreas Steffen [Wed, 28 Sep 2011 01:52:43 +0000 (03:52 +0200)]
Migrated sha1_hasher to INIT/METHOD macros

10 years agoMigrated md5_hasher to INIT/METHOD macros
Andreas Steffen [Wed, 28 Sep 2011 01:44:02 +0000 (03:44 +0200)]
Migrated md5_hasher to INIT/METHOD macros

10 years agoMigrated md4_hasher to INIT/METHOD macros
Andreas Steffen [Wed, 28 Sep 2011 01:39:04 +0000 (03:39 +0200)]
Migrated md4_hasher to INIT/METHOD macros

10 years agoMigrated pubkey_cert to INIT/METHOD macros
Andreas Steffen [Wed, 28 Sep 2011 01:28:43 +0000 (03:28 +0200)]
Migrated pubkey_cert to INIT/METHOD macros

10 years agoDocumented the strict flag (!) for ike and esp options in ipsec.conf.
Tobias Brunner [Mon, 26 Sep 2011 15:48:16 +0000 (17:48 +0200)]
Documented the strict flag (!) for ike and esp options in ipsec.conf.

10 years agoLoad eap-aka plugin before shared simaka helpers depending on it
Martin Willi [Mon, 26 Sep 2011 13:43:38 +0000 (13:43 +0000)]
Load eap-aka plugin before shared simaka helpers depending on it

10 years agoversion bump to 4.6.0dr4
Andreas Steffen [Tue, 13 Sep 2011 21:32:03 +0000 (23:32 +0200)]
version bump to 4.6.0dr4

10 years agoSend AT_NEXT_PSEUDONYM also if an AT_NEXT_REAUTH_ID is already added.
Tobias Brunner [Tue, 13 Sep 2011 09:09:07 +0000 (11:09 +0200)]
Send AT_NEXT_PSEUDONYM also if an AT_NEXT_REAUTH_ID is already added.

10 years agoPTS log group documented in man pages.
Tobias Brunner [Mon, 12 Sep 2011 13:05:43 +0000 (15:05 +0200)]
PTS log group documented in man pages.

10 years agoDocument charon's default log levels in ipsec.conf(5).
Tobias Brunner [Mon, 12 Sep 2011 12:54:26 +0000 (14:54 +0200)]
Document charon's default log levels in ipsec.conf(5).

10 years agoReturn allocated variable in INIT()
Martin Willi [Thu, 19 May 2011 11:42:17 +0000 (13:42 +0200)]
Return allocated variable in INIT()

10 years agoClear traps during shutdown before unloading kernel plugins
Martin Willi [Wed, 29 Jun 2011 10:08:24 +0000 (12:08 +0200)]
Clear traps during shutdown before unloading kernel plugins

10 years agoDestroy kernel interface during deregistration, as the plugin goes afterwards
Martin Willi [Wed, 29 Jun 2011 09:59:43 +0000 (11:59 +0200)]
Destroy kernel interface during deregistration, as the plugin goes afterwards

10 years agoAdd missing semicolon
Martin Willi [Thu, 19 May 2011 11:41:31 +0000 (13:41 +0200)]
Add missing semicolon

10 years agoadded PTS debug class
Andreas Steffen [Sat, 10 Sep 2011 22:11:04 +0000 (00:11 +0200)]
added PTS debug class

10 years agoused request ID in message request output
Andreas Steffen [Sat, 10 Sep 2011 21:01:29 +0000 (23:01 +0200)]
used request ID in message request output

10 years agointroduced a PA-TNC attribute manager
Andreas Steffen [Sat, 10 Sep 2011 20:35:43 +0000 (22:35 +0200)]
introduced a PA-TNC attribute manager

10 years agocorrectly initialize error_code
Andreas Steffen [Sat, 10 Sep 2011 09:57:17 +0000 (11:57 +0200)]
correctly initialize error_code

10 years agodefine attr_info only once
Andreas Steffen [Sat, 10 Sep 2011 09:56:43 +0000 (11:56 +0200)]
define attr_info only once

10 years agoremoved whitespace
Andreas Steffen [Sat, 10 Sep 2011 09:34:52 +0000 (11:34 +0200)]
removed whitespace

10 years agodecoupled request ID from files table primary key
Andreas Steffen [Sat, 10 Sep 2011 09:24:39 +0000 (11:24 +0200)]
decoupled request ID from files table primary key

10 years agocosmetics
Andreas Steffen [Sat, 10 Sep 2011 09:02:19 +0000 (11:02 +0200)]
cosmetics

10 years agoproperly close Tspi_Context
Andreas Steffen [Sat, 10 Sep 2011 08:55:21 +0000 (10:55 +0200)]
properly close Tspi_Context

10 years agowhitelist glibc instead of TrouSerS functions
Andreas Steffen [Sat, 10 Sep 2011 08:54:33 +0000 (10:54 +0200)]
whitelist glibc instead of TrouSerS functions

10 years agodetermine machine architecture programmatically
Andreas Steffen [Fri, 9 Sep 2011 18:50:36 +0000 (20:50 +0200)]
determine machine architecture programmatically

10 years agodetermine version for various Linux releases
Andreas Steffen [Fri, 9 Sep 2011 17:18:40 +0000 (19:18 +0200)]
determine version for various Linux releases

10 years agoImplemented PTS attributes Request File Metadata, Unix-Style File Metadata
Sansar Choinyambuu [Fri, 9 Sep 2011 13:48:16 +0000 (15:48 +0200)]
Implemented PTS attributes Request File Metadata, Unix-Style File Metadata

10 years agoFile not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented
Sansar Choinyambuu [Fri, 9 Sep 2011 09:23:19 +0000 (11:23 +0200)]
File not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented

10 years agodue to a bug fix reverted to the previous RULE_CRL_VALIDATION check
Andreas Steffen [Fri, 9 Sep 2011 07:25:44 +0000 (09:25 +0200)]
due to a bug fix reverted to the previous RULE_CRL_VALIDATION check

10 years agoadded Gentoo UML file measurements
Andreas Steffen [Thu, 8 Sep 2011 17:32:19 +0000 (19:32 +0200)]
added Gentoo UML file measurements

10 years agoredirect stderr of command to /dev/null
Andreas Steffen [Thu, 8 Sep 2011 16:29:52 +0000 (18:29 +0200)]
redirect stderr of command to /dev/null

10 years agoadded leaky TrouSerS functions to whitelist
Andreas Steffen [Thu, 8 Sep 2011 16:22:43 +0000 (18:22 +0200)]
added leaky TrouSerS functions to whitelist

10 years agofixed memory leak
Andreas Steffen [Thu, 8 Sep 2011 16:21:49 +0000 (18:21 +0200)]
fixed memory leak

10 years agocheck if pts_credmgr exists
Andreas Steffen [Thu, 8 Sep 2011 15:28:07 +0000 (17:28 +0200)]
check if pts_credmgr exists

10 years agomove state change to head of section
Andreas Steffen [Thu, 8 Sep 2011 15:15:20 +0000 (17:15 +0200)]
move state change to head of section

10 years agocreated libpts
Andreas Steffen [Thu, 8 Sep 2011 10:05:55 +0000 (12:05 +0200)]
created libpts

10 years agocheck files in alphabetical order
Andreas Steffen [Wed, 7 Sep 2011 23:42:09 +0000 (01:42 +0200)]
check files in alphabetical order

10 years agolittle bug fix
Andreas Steffen [Wed, 7 Sep 2011 23:34:24 +0000 (01:34 +0200)]
little bug fix

10 years agobeautified AIK verification
Andreas Steffen [Wed, 7 Sep 2011 23:13:36 +0000 (01:13 +0200)]
beautified AIK verification

10 years agorefactored measurement verification
Andreas Steffen [Wed, 7 Sep 2011 22:49:19 +0000 (00:49 +0200)]
refactored measurement verification

10 years agorefactored file measurement request list
Andreas Steffen [Wed, 7 Sep 2011 20:39:03 +0000 (22:39 +0200)]
refactored file measurement request list

10 years agoAdded Check_Measurement function to pts_database instead of returning enumerator...
Sansar Choinyambuu [Wed, 7 Sep 2011 14:45:37 +0000 (16:45 +0200)]
Added Check_Measurement function to pts_database instead of returning enumerator over hashes
List of requested files/directories are kept within imv state now
Allocated memory for entries in files_in_dir_with_meas list

10 years agoAdded Check_Measurement function to pts_database instead of returning enumerator...
Sansar Choinyambuu [Wed, 7 Sep 2011 13:38:58 +0000 (15:38 +0200)]
Added Check_Measurement function to pts_database instead of returning enumerator over hashes
List of requested files/directories are kept within imv state now
Allocated memory for entries in files_in_dir_with_meas list

10 years agocheck if AIK certificate is trusted
Andreas Steffen [Wed, 7 Sep 2011 09:00:46 +0000 (11:00 +0200)]
check if AIK certificate is trusted

10 years agofixed typo
Andreas Steffen [Wed, 7 Sep 2011 08:43:28 +0000 (10:43 +0200)]
fixed typo

10 years agolexparser was not used
Andreas Steffen [Wed, 7 Sep 2011 07:44:59 +0000 (09:44 +0200)]
lexparser was not used

10 years agouse arch instead of uname -p
Andreas Steffen [Wed, 7 Sep 2011 07:02:47 +0000 (09:02 +0200)]
use arch instead of uname -p

10 years agoAdded destroy functions for linked lists
Sansar Choinyambuu [Wed, 7 Sep 2011 06:50:13 +0000 (08:50 +0200)]
Added destroy functions for linked lists

10 years agoadded strongswan.conf attributes for attestation IMC/IMV
Andreas Steffen [Wed, 7 Sep 2011 06:02:44 +0000 (08:02 +0200)]
added strongswan.conf attributes for attestation IMC/IMV

10 years agoallow to override platform info
Andreas Steffen [Wed, 7 Sep 2011 05:48:08 +0000 (07:48 +0200)]
allow to override platform info

10 years agocosmetics
Andreas Steffen [Wed, 7 Sep 2011 05:40:42 +0000 (07:40 +0200)]
cosmetics

10 years agochange measurement not found debug level
Andreas Steffen [Tue, 6 Sep 2011 23:14:26 +0000 (01:14 +0200)]
change measurement not found debug level

10 years agoget platform info from IMC
Andreas Steffen [Tue, 6 Sep 2011 22:48:25 +0000 (00:48 +0200)]
get platform info from IMC

10 years agoadded some more entries to file hashes database
Andreas Steffen [Mon, 5 Sep 2011 20:32:17 +0000 (22:32 +0200)]
added some more entries to file hashes database

10 years agoadded libxt_udp.so and libxt_tcp.so for Ubuntu 11.4 i686
Andreas Steffen [Mon, 5 Sep 2011 18:58:19 +0000 (20:58 +0200)]
added libxt_udp.so and libxt_tcp.so for Ubuntu 11.4 i686

10 years agoadded a PTS credential set
Andreas Steffen [Mon, 5 Sep 2011 16:19:50 +0000 (18:19 +0200)]
added a PTS credential set

10 years agoVerification of directory contents measurements implemented
Sansar Choinyambuu [Mon, 5 Sep 2011 15:52:31 +0000 (17:52 +0200)]
Verification of directory contents measurements implemented

10 years agoAdded measurements for libxt_udp.so and libxt_tcp.so to check dir measuring
Sansar Choinyambuu [Mon, 5 Sep 2011 15:51:37 +0000 (17:51 +0200)]
Added measurements for libxt_udp.so and libxt_tcp.so to check dir measuring

10 years agoAdded directory column with default value of zero into file_hashes table
Sansar Choinyambuu [Mon, 5 Sep 2011 15:50:49 +0000 (17:50 +0200)]
Added directory column with default value of zero into file_hashes table

10 years agoreverted aik_cert and aik_key parameters
Andreas Steffen [Mon, 5 Sep 2011 11:01:53 +0000 (13:01 +0200)]
reverted aik_cert and aik_key parameters

10 years agodebug output while loading AIK credentials
Andreas Steffen [Mon, 5 Sep 2011 10:44:54 +0000 (12:44 +0200)]
debug output while loading AIK credentials

10 years agofixed encoding of AIK certificates and public keys
Andreas Steffen [Mon, 5 Sep 2011 10:43:18 +0000 (12:43 +0200)]
fixed encoding of AIK certificates and public keys

10 years agomake encoding of CERT_TRUSTED_PUBKEY configurable
Andreas Steffen [Mon, 5 Sep 2011 10:42:22 +0000 (12:42 +0200)]
make encoding of CERT_TRUSTED_PUBKEY configurable

10 years agoInserted missing "!" mark
Sansar Choinyambuu [Mon, 5 Sep 2011 10:36:56 +0000 (12:36 +0200)]
Inserted missing "!" mark
Changed variable name for AIK cert, key paths in strongswan.conf

10 years agorefactored AIK functionality
Andreas Steffen [Mon, 5 Sep 2011 09:15:34 +0000 (11:15 +0200)]
refactored AIK functionality

10 years agoRemoved identity.c related references and variables
Sansar Choinyambuu [Mon, 5 Sep 2011 09:04:47 +0000 (11:04 +0200)]
Removed identity.c related references and variables

10 years agoDelete unnecessary fake_ek_cert header file
Sansar Choinyambuu [Mon, 5 Sep 2011 08:40:16 +0000 (10:40 +0200)]
Delete unnecessary fake_ek_cert header file

10 years agoRead AIK certificate/ AIK public key from file
Sansar Choinyambuu [Fri, 2 Sep 2011 14:07:39 +0000 (16:07 +0200)]
Read AIK certificate/ AIK public key from file

10 years agoEnforced strongSwan coding rules (tab, if, {)
Sansar Choinyambuu [Fri, 2 Sep 2011 07:39:11 +0000 (09:39 +0200)]
Enforced strongSwan coding rules (tab, if, {)

10 years agoInitialized ekcertlen with 0
Sansar Choinyambuu [Fri, 2 Sep 2011 06:51:04 +0000 (08:51 +0200)]
Initialized ekcertlen with 0

10 years agoremoved static keyword
Sansar Choinyambuu [Fri, 2 Sep 2011 06:48:26 +0000 (08:48 +0200)]
removed static keyword

10 years agoadded fake_ek_cert.h to makefile.am
Sansar Choinyambuu [Fri, 2 Sep 2011 06:45:26 +0000 (08:45 +0200)]
added fake_ek_cert.h to makefile.am

10 years agoIncluded fake_ek_cert header back
Sansar Choinyambuu [Fri, 2 Sep 2011 06:42:19 +0000 (08:42 +0200)]
Included fake_ek_cert header back

10 years agoAdded fake_ek_cert.h
Sansar Choinyambuu [Fri, 2 Sep 2011 06:26:49 +0000 (08:26 +0200)]
Added fake_ek_cert.h

10 years agosend TCG_PTS_TPM_VERS_NOT_SUPPORTED error code
Andreas Steffen [Thu, 1 Sep 2011 19:22:51 +0000 (21:22 +0200)]
send TCG_PTS_TPM_VERS_NOT_SUPPORTED error code

10 years agoimplemented first TCG-PTS error attribute
Andreas Steffen [Thu, 1 Sep 2011 19:00:20 +0000 (21:00 +0200)]
implemented first TCG-PTS error attribute

10 years agoadded some pts database entries
Andreas Steffen [Thu, 1 Sep 2011 15:14:09 +0000 (17:14 +0200)]
added some pts database entries

10 years agodisplay the measured file count
Andreas Steffen [Thu, 1 Sep 2011 14:50:40 +0000 (16:50 +0200)]
display the measured file count

10 years agofixed measurement of directory contents
Andreas Steffen [Thu, 1 Sep 2011 14:27:18 +0000 (16:27 +0200)]
fixed measurement of directory contents

10 years agoadded directory entry to database
Andreas Steffen [Thu, 1 Sep 2011 14:26:30 +0000 (16:26 +0200)]
added directory entry to database

10 years agoreordered file hash entries
Andreas Steffen [Thu, 1 Sep 2011 13:49:34 +0000 (15:49 +0200)]
reordered file hash entries

10 years agofinished refactoring of file measurements
Andreas Steffen [Thu, 1 Sep 2011 13:42:35 +0000 (15:42 +0200)]
finished refactoring of file measurements

10 years agosome doxygen fixes
Andreas Steffen [Wed, 31 Aug 2011 15:22:22 +0000 (17:22 +0200)]
some doxygen fixes

10 years agofirst stage of file_meas refactoring
Andreas Steffen [Wed, 31 Aug 2011 14:52:31 +0000 (16:52 +0200)]
first stage of file_meas refactoring

10 years agoObtain AIK and exchange as PEM certificate done
Sansar Choinyambuu [Wed, 31 Aug 2011 15:36:16 +0000 (17:36 +0200)]
Obtain AIK and exchange as PEM certificate done
Fixed the trashy tail of last file name in Request File Measurement

10 years agoStarted implementing obtaining of AIK
Sansar Choinyambuu [Wed, 31 Aug 2011 13:04:05 +0000 (15:04 +0200)]
Started implementing obtaining of AIK

10 years agoRestore flag calculation
Sansar Choinyambuu [Wed, 31 Aug 2011 13:03:21 +0000 (15:03 +0200)]
Restore flag calculation

10 years agoReading and writing flags directly
Sansar Choinyambuu [Wed, 31 Aug 2011 06:46:29 +0000 (08:46 +0200)]
Reading and writing flags directly

10 years agoSHA384 is set as strongest hashing algorithm
Sansar Choinyambuu [Wed, 31 Aug 2011 06:16:53 +0000 (08:16 +0200)]
SHA384 is set as strongest hashing algorithm

10 years agoAdded empty getter/setter for AIK
Sansar Choinyambuu [Fri, 26 Aug 2011 12:16:12 +0000 (14:16 +0200)]
Added empty getter/setter for AIK

10 years agoDeleted switch statement for hashing algorithms, using the integer field directly...
Sansar Choinyambuu [Fri, 26 Aug 2011 12:14:43 +0000 (14:14 +0200)]
Deleted switch statement for hashing algorithms, using the integer field directly for the query

10 years agoReplaced reason strings with temporary ones for File Measurement Comparison
Sansar Choinyambuu [Fri, 26 Aug 2011 09:56:50 +0000 (11:56 +0200)]
Replaced reason strings with temporary ones for File Measurement Comparison

10 years agoProvide recommendation after all received attributes are handled
Sansar Choinyambuu [Fri, 26 Aug 2011 09:22:43 +0000 (11:22 +0200)]
Provide recommendation after all received attributes are handled

10 years agoClone the path chunk before adding to measurements list
Sansar Choinyambuu [Fri, 26 Aug 2011 09:20:47 +0000 (11:20 +0200)]
Clone the path chunk before adding to measurements list

10 years agoDestroy meas_enumerator
Sansar Choinyambuu [Fri, 26 Aug 2011 08:12:33 +0000 (10:12 +0200)]
Destroy meas_enumerator

10 years agoAdded create_meas_enumerator function to pts_database object
Sansar Choinyambuu [Fri, 26 Aug 2011 08:08:16 +0000 (10:08 +0200)]
Added create_meas_enumerator function to pts_database object
Implemented handling part of File Measurement attributes reception
Ending the exchange and allowing access if all measurements match with database isolate if not

10 years agoCorrected output length for SHA256 algorithm
Sansar Choinyambuu [Fri, 26 Aug 2011 08:07:31 +0000 (10:07 +0200)]
Corrected output length for SHA256 algorithm

10 years agoDeleted filter for measurement enumerator
Sansar Choinyambuu [Fri, 26 Aug 2011 08:06:46 +0000 (10:06 +0200)]
Deleted filter for measurement enumerator

10 years agoThe file and directory lists are queried from db
Sansar Choinyambuu [Wed, 24 Aug 2011 14:25:37 +0000 (16:25 +0200)]
The file and directory lists are queried from db
Request File Measurements sending and handling is implemented accordingly
Measuring the file and directories are tested

10 years agoDeleted unnecessary debug statement
Sansar Choinyambuu [Wed, 24 Aug 2011 14:24:43 +0000 (16:24 +0200)]
Deleted unnecessary debug statement