strongswan.git
14 years agoadded two-certs scenario
Andreas Steffen [Tue, 15 May 2007 15:54:06 +0000 (15:54 -0000)]
added two-certs scenario

14 years agoadapted authentication failure text to those in the authenticators
Andreas Steffen [Tue, 15 May 2007 14:52:44 +0000 (14:52 -0000)]
adapted authentication failure text to those in the authenticators

14 years agoverification of locally loaded peer certificates
Andreas Steffen [Tue, 15 May 2007 14:51:04 +0000 (14:51 -0000)]
verification of locally loaded peer certificates

14 years agosupport of multiple certificates with same peer id
Andreas Steffen [Tue, 15 May 2007 12:46:05 +0000 (12:46 -0000)]
support of multiple certificates with same peer id

14 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 12:45:19 +0000 (12:45 -0000)]
cosmetics

14 years agoworking dummy for NetworkManager DBUS interface
Martin Willi [Mon, 14 May 2007 13:22:04 +0000 (13:22 -0000)]
working dummy for NetworkManager DBUS interface
  more a tech demo

14 years agoversion bump to 4.1.3
Andreas Steffen [Thu, 10 May 2007 12:40:09 +0000 (12:40 -0000)]
version bump to 4.1.3

14 years agosimplified capability dropping
Martin Willi [Wed, 9 May 2007 13:12:06 +0000 (13:12 -0000)]
simplified capability dropping

14 years agoproperly implemented interface_managers initiate, terminte_[ike|child]
Martin Willi [Wed, 9 May 2007 12:33:08 +0000 (12:33 -0000)]
properly implemented interface_managers initiate, terminte_[ike|child]
proper thread release when stroke is CTRL+C'ed
fixed some permission issues

14 years agoproperly ignoring signals rised by a thread which is in listening state
Martin Willi [Tue, 8 May 2007 12:58:33 +0000 (12:58 -0000)]
properly ignoring signals rised by a thread which is in listening state

14 years agochanging UID/GID after startup of pluto/charon
Martin Willi [Mon, 7 May 2007 12:38:46 +0000 (12:38 -0000)]
changing UID/GID after startup of pluto/charon
added --with-uid/--with-gid configure option

14 years agoextended interface_manager (more work needed here)
Martin Willi [Thu, 3 May 2007 14:22:52 +0000 (14:22 -0000)]
extended interface_manager (more work needed here)

14 years agoallow to have listening state TRUE while sending singal ourself
Martin Willi [Thu, 3 May 2007 14:22:15 +0000 (14:22 -0000)]
allow to have listening state TRUE while sending singal ourself

14 years agoreducing capabilities of the threads to a minimum
Martin Willi [Thu, 3 May 2007 14:21:22 +0000 (14:21 -0000)]
reducing capabilities of the threads to a minimum
proper flush of pending packets on daemon shutdown
adding local address as gateway address in dynamic route

14 years agosetting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker
Martin Willi [Wed, 2 May 2007 09:59:47 +0000 (09:59 -0000)]
setting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker

14 years agoadded more API documentation to backends/interfaces
Martin Willi [Mon, 30 Apr 2007 10:23:01 +0000 (10:23 -0000)]
added more API documentation to backends/interfaces

14 years agoadded udp.h 4.1.2
Andreas Steffen [Sun, 29 Apr 2007 19:48:54 +0000 (19:48 -0000)]
added udp.h

14 years agofixed include
Andreas Steffen [Sun, 29 Apr 2007 19:31:27 +0000 (19:31 -0000)]
fixed include

14 years agolocal include of pfkeyv2.h and netlink.h
Andreas Steffen [Sun, 29 Apr 2007 19:23:56 +0000 (19:23 -0000)]
local include of pfkeyv2.h and netlink.h

14 years agoreverted to original header files
Andreas Steffen [Sun, 29 Apr 2007 18:19:02 +0000 (18:19 -0000)]
reverted to original header files

14 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:32:57 +0000 (21:32 -0000)]
actually not needed

14 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:19 +0000 (21:28 -0000)]
actually not needed

14 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:08 +0000 (21:28 -0000)]
actually not needed

14 years agoadded compiler.h filter.h in.h and udp.h to src/include/linux/
Andreas Steffen [Sat, 28 Apr 2007 21:18:56 +0000 (21:18 -0000)]
added compiler.h filter.h in.h and udp.h to src/include/linux/

14 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:23 +0000 (20:35 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

14 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:06 +0000 (20:35 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

14 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:33:19 +0000 (20:33 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

14 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:31:40 +0000 (20:31 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

14 years agoadded esp-alg-aesxcbc scenario
Andreas Steffen [Sat, 28 Apr 2007 20:01:06 +0000 (20:01 -0000)]
added esp-alg-aesxcbc scenario

14 years agofixed evaltest.dat
Andreas Steffen [Sat, 28 Apr 2007 20:00:39 +0000 (20:00 -0000)]
fixed evaltest.dat

14 years agocrlNumber is now listed by ipsec listcrls
Andreas Steffen [Fri, 27 Apr 2007 22:45:24 +0000 (22:45 -0000)]
crlNumber is now listed by ipsec listcrls

14 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:36:29 +0000 (22:36 -0000)]
list crlnumber

14 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:27:22 +0000 (22:27 -0000)]
list crlnumber

14 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:04:08 +0000 (22:04 -0000)]
added crlNumber OID

14 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:03:46 +0000 (22:03 -0000)]
added crlNumber OID

14 years agogenerated new winnetou certificate
Andreas Steffen [Fri, 27 Apr 2007 21:41:27 +0000 (21:41 -0000)]
generated new winnetou certificate

14 years agoadded crlnumber
Andreas Steffen [Fri, 27 Apr 2007 21:41:07 +0000 (21:41 -0000)]
added crlnumber

14 years agoadded interface.h
Andreas Steffen [Fri, 27 Apr 2007 21:29:31 +0000 (21:29 -0000)]
added interface.h

14 years agofixed casting
Andreas Steffen [Fri, 27 Apr 2007 21:28:54 +0000 (21:28 -0000)]
fixed casting

14 years agoadded writeable_backend.h
Andreas Steffen [Fri, 27 Apr 2007 20:58:45 +0000 (20:58 -0000)]
added writeable_backend.h

14 years agofixed typo
Andreas Steffen [Fri, 27 Apr 2007 18:13:57 +0000 (18:13 -0000)]
fixed typo

14 years agoremoved dependencies from /usr/include/linux headers
Andreas Steffen [Fri, 27 Apr 2007 17:33:42 +0000 (17:33 -0000)]
removed dependencies from /usr/include/linux headers

14 years agocosmetics
Andreas Steffen [Fri, 27 Apr 2007 17:31:50 +0000 (17:31 -0000)]
cosmetics

14 years agoremoved dependencies on linux/types.h
Andreas Steffen [Fri, 27 Apr 2007 17:24:20 +0000 (17:24 -0000)]
removed dependencies on linux/types.h

14 years agorestructuring of configuration backends
Martin Willi [Fri, 27 Apr 2007 14:25:08 +0000 (14:25 -0000)]
restructuring of configuration backends
added propotypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP

14 years agoremoved eap sim config
Martin Willi [Fri, 27 Apr 2007 14:11:18 +0000 (14:11 -0000)]
removed eap sim config

14 years agoforcing proper autoload of af_key kernel module in charon
Martin Willi [Fri, 27 Apr 2007 07:43:42 +0000 (07:43 -0000)]
forcing proper autoload of af_key kernel module in charon

14 years agoupdated news
Martin Willi [Thu, 26 Apr 2007 07:58:50 +0000 (07:58 -0000)]
updated news

14 years agoupdated NEWS
Martin Willi [Thu, 26 Apr 2007 06:33:03 +0000 (06:33 -0000)]
updated NEWS

14 years agoxauth_modules.verify_secret() function now passes the connection name
Andreas Steffen [Wed, 25 Apr 2007 07:51:04 +0000 (07:51 -0000)]
xauth_modules.verify_secret() function now passes the connection name

14 years agoadded conn_name to xauth_module.verify_secret() function call
Andreas Steffen [Wed, 25 Apr 2007 07:00:16 +0000 (07:00 -0000)]
added conn_name to xauth_module.verify_secret() function call

14 years agoproperly checking received IDr as initiator
Martin Willi [Wed, 25 Apr 2007 06:06:13 +0000 (06:06 -0000)]
properly checking received IDr as initiator

14 years agoadded support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)
Martin Willi [Mon, 23 Apr 2007 13:00:20 +0000 (13:00 -0000)]
added support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)

14 years agofixed CHILD_SA proposal selection when not using DH exchange
Martin Willi [Mon, 23 Apr 2007 12:59:10 +0000 (12:59 -0000)]
fixed CHILD_SA proposal selection when not using DH exchange

14 years agofixed keyingtries
Martin Willi [Mon, 23 Apr 2007 12:19:23 +0000 (12:19 -0000)]
fixed keyingtries

14 years agogenerated certs for ocsp-strict-ifuri scenario
Andreas Steffen [Fri, 20 Apr 2007 14:54:10 +0000 (14:54 -0000)]
generated certs for ocsp-strict-ifuri scenario

14 years agogenerated certs for ocsp-strict-ifuri scenario
Andreas Steffen [Fri, 20 Apr 2007 14:52:32 +0000 (14:52 -0000)]
generated certs for ocsp-strict-ifuri scenario

14 years agofixed test scenarios
Andreas Steffen [Fri, 20 Apr 2007 14:51:39 +0000 (14:51 -0000)]
fixed test scenarios

14 years agoocsp-strict-ifuri added
Andreas Steffen [Fri, 20 Apr 2007 14:50:42 +0000 (14:50 -0000)]
ocsp-strict-ifuri added

14 years agoocsp-no-signer-cert added
Andreas Steffen [Fri, 20 Apr 2007 14:49:50 +0000 (14:49 -0000)]
ocsp-no-signer-cert added

14 years agoinitialize isCA to FALSE
Andreas Steffen [Fri, 20 Apr 2007 14:36:55 +0000 (14:36 -0000)]
initialize isCA to FALSE

14 years agoisOcspSigner was not initialized
Andreas Steffen [Fri, 20 Apr 2007 12:38:35 +0000 (12:38 -0000)]
isOcspSigner was not initialized

14 years agowrong delimiters in ipsec.in
Andreas Steffen [Fri, 20 Apr 2007 12:23:03 +0000 (12:23 -0000)]
wrong delimiters in ipsec.in

14 years agoimplementation of strictcrlpolicy=ifuri
Andreas Steffen [Fri, 20 Apr 2007 11:12:08 +0000 (11:12 -0000)]
implementation of strictcrlpolicy=ifuri

14 years agoremoved linux26/xfrm.h
Andreas Steffen [Thu, 19 Apr 2007 15:02:55 +0000 (15:02 -0000)]
removed linux26/xfrm.h

14 years agounshare argument buffers
Andreas Steffen [Thu, 19 Apr 2007 14:26:11 +0000 (14:26 -0000)]
unshare argument buffers

14 years agoupdated man page: proposals using PFS
Martin Willi [Thu, 19 Apr 2007 14:22:53 +0000 (14:22 -0000)]
updated man page: proposals using PFS

14 years agokernel_netlink.c now includes src/include/linux/xfrm.h
Andreas Steffen [Thu, 19 Apr 2007 14:15:00 +0000 (14:15 -0000)]
kernel_netlink.c now includes src/include/linux/xfrm.h

14 years agoupdated TODO
Martin Willi [Thu, 19 Apr 2007 14:14:01 +0000 (14:14 -0000)]
updated TODO

14 years agoadded support for EAP methods not establishing an MSK
Martin Willi [Thu, 19 Apr 2007 12:37:48 +0000 (12:37 -0000)]
added support for EAP methods not establishing an MSK

14 years agoadded most problematic linux headers to distribution
Martin Willi [Thu, 19 Apr 2007 08:59:36 +0000 (08:59 -0000)]
added most problematic linux headers to distribution
  other/real linux header may be selected using --with-linux-headers=dir

14 years agoadded PDF support for CHILD_SAs
Martin Willi [Thu, 19 Apr 2007 08:02:19 +0000 (08:02 -0000)]
added PDF support for CHILD_SAs
support for INVALID_KE_PAYLOAD negotiation for rekeying

14 years agofixed memleak in IKE_SA manager
Martin Willi [Thu, 19 Apr 2007 07:04:35 +0000 (07:04 -0000)]
fixed memleak in IKE_SA manager

14 years agomoved initiate() code to the generic controller_t class
Martin Willi [Mon, 16 Apr 2007 12:52:49 +0000 (12:52 -0000)]
moved initiate() code to the generic controller_t class

14 years agocloning %any ID without zero-byte memleak
Martin Willi [Mon, 16 Apr 2007 08:37:52 +0000 (08:37 -0000)]
cloning %any ID without zero-byte memleak

14 years agoremoved version numbers in autogen
Martin Willi [Mon, 16 Apr 2007 08:34:22 +0000 (08:34 -0000)]
removed version numbers in autogen

14 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 18:09:44 +0000 (18:09 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords

14 years agofixed destroy() bug
Andreas Steffen [Sat, 14 Apr 2007 17:34:41 +0000 (17:34 -0000)]
fixed destroy() bug

14 years agoexported parse_generalNames()
Andreas Steffen [Sat, 14 Apr 2007 17:34:18 +0000 (17:34 -0000)]
exported parse_generalNames()

14 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 17:33:29 +0000 (17:33 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords

14 years agoadded listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords
Andreas Steffen [Sat, 14 Apr 2007 17:33:02 +0000 (17:33 -0000)]
added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords

14 years agoadded trailing newline to list()
Andreas Steffen [Thu, 12 Apr 2007 20:16:14 +0000 (20:16 -0000)]
added trailing newline to list()

14 years agoset sleep back to 180 s
Andreas Steffen [Thu, 12 Apr 2007 19:41:24 +0000 (19:41 -0000)]
set sleep back to 180 s

14 years agostarted to parse attribute certificates
Andreas Steffen [Thu, 12 Apr 2007 19:39:11 +0000 (19:39 -0000)]
started to parse attribute certificates

14 years agocosmetics
Andreas Steffen [Thu, 12 Apr 2007 19:33:13 +0000 (19:33 -0000)]
cosmetics

14 years agomoved parse_time() from x509.c to asn1.c
Andreas Steffen [Thu, 12 Apr 2007 18:58:27 +0000 (18:58 -0000)]
moved parse_time() from x509.c to asn1.c

14 years agoreplace cert by this in parse_certificate()
Andreas Steffen [Thu, 12 Apr 2007 18:57:33 +0000 (18:57 -0000)]
replace cert by this in parse_certificate()

14 years agoparse_authorityKeyIdentifier() is made available externally
Andreas Steffen [Thu, 12 Apr 2007 18:56:46 +0000 (18:56 -0000)]
parse_authorityKeyIdentifier() is made available externally

14 years agoexternal functions are defined in asn1.h and x509.h now
Andreas Steffen [Thu, 12 Apr 2007 18:55:44 +0000 (18:55 -0000)]
external functions are defined in asn1.h and x509.h now

14 years agostarted support of X.509 attribute certificates
Andreas Steffen [Thu, 12 Apr 2007 17:49:33 +0000 (17:49 -0000)]
started support of X.509 attribute certificates

14 years agoadded AA and AATR cert paths
Andreas Steffen [Thu, 12 Apr 2007 16:43:21 +0000 (16:43 -0000)]
added AA and AATR cert paths

14 years agofixed output of list_auth_certificates()
Andreas Steffen [Thu, 12 Apr 2007 16:42:07 +0000 (16:42 -0000)]
fixed output of list_auth_certificates()

14 years agofixed output of list_certinfos()
Andreas Steffen [Thu, 12 Apr 2007 16:36:12 +0000 (16:36 -0000)]
fixed output of list_certinfos()

14 years agocorrected copyright statement
Andreas Steffen [Thu, 12 Apr 2007 16:21:02 +0000 (16:21 -0000)]
corrected copyright statement

14 years agoadded missing #include
Martin Willi [Thu, 12 Apr 2007 11:33:43 +0000 (11:33 -0000)]
added missing #include

14 years agoupdated uClibc note in HACKING
Martin Willi [Thu, 12 Apr 2007 11:33:28 +0000 (11:33 -0000)]
updated uClibc note in HACKING

14 years agoremoved %Q, %Y, %W, %U printf handlers
Martin Willi [Thu, 12 Apr 2007 09:44:26 +0000 (09:44 -0000)]
removed %Q, %Y, %W, %U printf handlers

14 years agonot using %m printf handler, as late errno interpration over bus may be problematic
Martin Willi [Thu, 12 Apr 2007 08:52:36 +0000 (08:52 -0000)]
not using %m printf handler, as late errno interpration over bus may be problematic

14 years agofixed DPD delay in peer_cfg
Martin Willi [Thu, 12 Apr 2007 06:20:42 +0000 (06:20 -0000)]
fixed DPD delay in peer_cfg

14 years agofixed payload debug message
Martin Willi [Thu, 12 Apr 2007 06:20:14 +0000 (06:20 -0000)]
fixed payload debug message