strongswan.git
9 years agoRefactored stroke_cred_t to use mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:37:11 +0000 (17:37 +0100)]
Refactored stroke_cred_t to use mem_cred_t.

9 years agoFunction add_crl added to mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:28:46 +0000 (17:28 +0100)]
Function add_crl added to mem_cred_t.

9 years agoFunction added to clear secrets (but not certs) from mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:28:12 +0000 (17:28 +0100)]
Function added to clear secrets (but not certs) from mem_cred_t.

9 years agoAlternative to mem_cred_t.add_cert added, which returns the certificate.
Tobias Brunner [Fri, 19 Nov 2010 16:26:33 +0000 (17:26 +0100)]
Alternative to mem_cred_t.add_cert added, which returns the certificate.

If the certificate is already cached, the cached version is returned.

9 years agoFunction added to mem_cred_t to add shared secret with a linked list of owners.
Tobias Brunner [Fri, 19 Nov 2010 16:21:00 +0000 (17:21 +0100)]
Function added to mem_cred_t to add shared secret with a linked list of owners.

9 years agoAdded functions to modify/create settings in settings_t.
Tobias Brunner [Thu, 18 Nov 2010 12:59:29 +0000 (13:59 +0100)]
Added functions to modify/create settings in settings_t.

9 years agoAdded an option to create non-existing key/value pairs during search.
Tobias Brunner [Thu, 18 Nov 2010 12:55:44 +0000 (13:55 +0100)]
Added an option to create non-existing key/value pairs during search.

9 years agoCompare shorter "boolean" values first.
Tobias Brunner [Thu, 18 Nov 2010 12:47:43 +0000 (13:47 +0100)]
Compare shorter "boolean" values first.

9 years agoHelper functions added to easily convert enumerated values.
Tobias Brunner [Mon, 15 Nov 2010 12:07:10 +0000 (13:07 +0100)]
Helper functions added to easily convert enumerated values.

9 years agoEnsure that sections exist when using load_files_section.
Tobias Brunner [Fri, 12 Nov 2010 16:35:04 +0000 (17:35 +0100)]
Ensure that sections exist when using load_files_section.

9 years agoSkip values and sections without key.
Tobias Brunner [Fri, 12 Nov 2010 14:34:33 +0000 (15:34 +0100)]
Skip values and sections without key.

9 years agoSome refactorings in lookup code in settings_t.
Tobias Brunner [Fri, 12 Nov 2010 13:29:09 +0000 (14:29 +0100)]
Some refactorings in lookup code in settings_t.

9 years agoAdded documentation about new features of settings_t.
Tobias Brunner [Fri, 12 Nov 2010 12:51:28 +0000 (13:51 +0100)]
Added documentation about new features of settings_t.

9 years agoMade settings_t thread-safe.
Tobias Brunner [Fri, 12 Nov 2010 10:55:21 +0000 (11:55 +0100)]
Made settings_t thread-safe.

9 years agoAdded functions to settings_t to load files dynamically at runtime.
Tobias Brunner [Fri, 12 Nov 2010 10:20:29 +0000 (11:20 +0100)]
Added functions to settings_t to load files dynamically at runtime.

9 years agoAllow inclusion of other files in strongswan.conf.
Tobias Brunner [Thu, 11 Nov 2010 15:43:09 +0000 (16:43 +0100)]
Allow inclusion of other files in strongswan.conf.

9 years agoLoading of strongswan.conf refactored to a separate function.
Tobias Brunner [Thu, 11 Nov 2010 15:15:38 +0000 (16:15 +0100)]
Loading of strongswan.conf refactored to a separate function.

9 years agoAllow to replace/extend previously defined values/sections in strongswan.conf.
Tobias Brunner [Thu, 11 Nov 2010 15:02:30 +0000 (16:02 +0100)]
Allow to replace/extend previously defined values/sections in strongswan.conf.

9 years agoDon't create a section in parse_section.
Tobias Brunner [Thu, 11 Nov 2010 14:21:25 +0000 (15:21 +0100)]
Don't create a section in parse_section.

Just add subsections and values to the passed section.

9 years agoRemoved unused static variable "lev".
Tobias Brunner [Thu, 11 Nov 2010 12:04:25 +0000 (13:04 +0100)]
Removed unused static variable "lev".

9 years agoAvoid calling globfree twice on failure.
Tobias Brunner [Thu, 11 Nov 2010 11:52:48 +0000 (12:52 +0100)]
Avoid calling globfree twice on failure.

9 years agoremoved superfluous whitespace
Andreas Steffen [Fri, 3 Dec 2010 10:26:13 +0000 (11:26 +0100)]
removed superfluous whitespace

9 years agoPB-TNC messages implemented
Sansar Choinyambuu [Fri, 3 Dec 2010 09:22:51 +0000 (10:22 +0100)]
PB-TNC messages implemented

9 years agoMigrated asn1_parser_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 21:12:02 +0000 (22:12 +0100)]
Migrated asn1_parser_t to INIT/METHOD macros

9 years agoMigrated settings_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:25:59 +0000 (06:25 +0100)]
Migrated settings_t to INIT/METHOD macros

9 years agoMigrated printf_hook_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:17:24 +0000 (06:17 +0100)]
Migrated printf_hook_t to INIT/METHOD macros

9 years agoMigrated integrity_checker_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:10:50 +0000 (06:10 +0100)]
Migrated integrity_checker_t to INIT/METHOD macros

9 years agoadded SQL database extensions to NEWS
Andreas Steffen [Wed, 1 Dec 2010 09:09:21 +0000 (10:09 +0100)]
added SQL database extensions to NEWS

9 years agoversion bump to 4.5.1dr2
Andreas Steffen [Wed, 1 Dec 2010 09:08:49 +0000 (10:08 +0100)]
version bump to 4.5.1dr2

9 years agouse a composite test proposal
Andreas Steffen [Wed, 1 Dec 2010 09:05:28 +0000 (10:05 +0100)]
use a composite test proposal

9 years agocheck for malformed IKE and ESP proposals
Andreas Steffen [Wed, 1 Dec 2010 08:50:30 +0000 (09:50 +0100)]
check for malformed IKE and ESP proposals

9 years agoMigrated sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:31:24 +0000 (23:31 +0100)]
Migrated sql_plugin_t to INIT/METHOD macros

9 years agoMigrated sql_config_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:27:51 +0000 (23:27 +0100)]
Migrated sql_config_t to INIT/METHOD macros

9 years agorenamed algorithm to proposal
Andreas Steffen [Tue, 30 Nov 2010 16:38:49 +0000 (17:38 +0100)]
renamed algorithm to proposal

9 years agostore IKE and ESP proposals in SQL database
Andreas Steffen [Tue, 30 Nov 2010 16:03:21 +0000 (17:03 +0100)]
store IKE and ESP proposals in SQL database

9 years agoconfigured various DPD modes in sql scenarios
Andreas Steffen [Sun, 28 Nov 2010 16:41:27 +0000 (17:41 +0100)]
configured various DPD modes in sql scenarios

9 years agoadded sql/net2net-route-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:44 +0000 (12:00 +0100)]
added sql/net2net-route-pem scenario

9 years agoadded sql/net2net-start-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:19 +0000 (12:00 +0100)]
added sql/net2net-start-pem scenario

9 years agostart and route connections defined in an SQL database via start_action field and...
Andreas Steffen [Sun, 28 Nov 2010 10:57:49 +0000 (11:57 +0100)]
start and route connections defined in an SQL database via start_action field and ipsec up %startall command

9 years agoversion bump to 4.5.1dr1
Andreas Steffen [Sun, 28 Nov 2010 10:55:40 +0000 (11:55 +0100)]
version bump to 4.5.1dr1

9 years agoMigrated stroke_config_t to INIT/METHOD macros
Andreas Steffen [Sat, 27 Nov 2010 00:12:58 +0000 (01:12 +0100)]
Migrated stroke_config_t to INIT/METHOD macros

9 years agoMigrated stroke_cat_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 23:49:15 +0000 (00:49 +0100)]
Migrated stroke_cat_t to INIT/METHOD macros

9 years agoMigrated child_cfg_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 15:32:15 +0000 (16:32 +0100)]
Migrated child_cfg_t to INIT/METHOD macros

9 years agoMerge branch 'master' of git.strongswan.org:strongswan
Andreas Steffen [Fri, 26 Nov 2010 13:07:18 +0000 (14:07 +0100)]
Merge branch 'master' of git.strongswan.org:strongswan

9 years agosupport PEM-encoded certificates stored in SQL databases
Andreas Steffen [Fri, 26 Nov 2010 12:46:16 +0000 (13:46 +0100)]
support PEM-encoded certificates stored in SQL databases

9 years agocommas, commas, ..
Andreas Steffen [Thu, 25 Nov 2010 22:25:01 +0000 (23:25 +0100)]
commas, commas, ..

9 years agoMigrated resolve_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:19:33 +0000 (23:19 +0100)]
Migrated resolve_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfroute_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:17:18 +0000 (23:17 +0100)]
Migrated kernel_pfroute_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfkey_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:14:29 +0000 (23:14 +0100)]
Migrated kernel_pfkey_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_netlink_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:12:12 +0000 (23:12 +0100)]
Migrated kernel_netlink_plugin_t to INIT/METHOD macros

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:09:12 +0000 (23:09 +0100)]
INIT allocates memory

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:08:00 +0000 (23:08 +0100)]
INIT allocates memory

9 years agoMigrated kernel_klips_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:06:20 +0000 (23:06 +0100)]
Migrated kernel_klips_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:52:32 +0000 (22:52 +0100)]
Migrated attr_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:49:44 +0000 (22:49 +0100)]
Migrated attr_sql_plugin_t to INIT/METHOD macros

9 years agoMigrated backend_manager_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:43:19 +0000 (22:43 +0100)]
Migrated backend_manager_t to INIT/METHOD macros

9 years agofixed a couple of bugs in the prototype
Andreas Steffen [Tue, 23 Nov 2010 15:33:23 +0000 (16:33 +0100)]
fixed a couple of bugs in the prototype

9 years agoset PB_MSG_PA message type
Andreas Steffen [Tue, 23 Nov 2010 15:32:09 +0000 (16:32 +0100)]
set PB_MSG_PA message type

9 years agoprototype implementation using the pb_tnc_message_t class
Andreas Steffen [Tue, 23 Nov 2010 13:44:16 +0000 (14:44 +0100)]
prototype implementation using the pb_tnc_message_t class

9 years agodefined a pb_tnc_message_t interface
Andreas Steffen [Tue, 23 Nov 2010 13:27:57 +0000 (14:27 +0100)]
defined a pb_tnc_message_t interface

9 years agoenabled ha plugin in UML scenarios
Andreas Steffen [Sat, 20 Nov 2010 20:52:40 +0000 (21:52 +0100)]
enabled ha plugin in UML scenarios

9 years agofixed iptables script of gateway alice
Andreas Steffen [Sat, 20 Nov 2010 20:01:54 +0000 (21:01 +0100)]
fixed iptables script of gateway alice

9 years agoremoved copy of strongswancCert.pem
Andreas Steffen [Sat, 20 Nov 2010 19:34:21 +0000 (20:34 +0100)]
removed copy of strongswancCert.pem

9 years agoadded ha/both-active scenario
Andreas Steffen [Sat, 20 Nov 2010 19:16:26 +0000 (20:16 +0100)]
added ha/both-active scenario

9 years agocreated certificate and /etc/hosts entry for virtual gateway mars
Andreas Steffen [Sat, 20 Nov 2010 17:20:23 +0000 (18:20 +0100)]
created certificate and /etc/hosts entry for virtual gateway mars

9 years agoimplemented create_reason_enumerator() function
Andreas Steffen [Fri, 19 Nov 2010 16:23:06 +0000 (17:23 +0100)]
implemented create_reason_enumerator() function

9 years agoimplemented request_handshake_retry() function
Andreas Steffen [Fri, 19 Nov 2010 07:51:56 +0000 (08:51 +0100)]
implemented request_handshake_retry() function

9 years agoDo not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20
Martin Willi [Thu, 18 Nov 2010 07:56:12 +0000 (08:56 +0100)]
Do not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20

9 years agoUse static args for C_Initialize(), OpenSC does not get a copy of the pointers
Martin Willi [Thu, 18 Nov 2010 07:43:26 +0000 (08:43 +0100)]
Use static args for C_Initialize(), OpenSC does not get a copy of the pointers

9 years agoadded ITA and strongSwan OIDs
Andreas Steffen [Wed, 17 Nov 2010 21:46:28 +0000 (22:46 +0100)]
added ITA and strongSwan OIDs

9 years agocorrected TCGID OID
Andreas Steffen [Wed, 17 Nov 2010 21:13:55 +0000 (22:13 +0100)]
corrected TCGID OID

9 years agoAdded getter for arbitrary environment variables
Martin Willi [Wed, 17 Nov 2010 15:46:23 +0000 (16:46 +0100)]
Added getter for arbitrary environment variables

9 years agoadded IMC and IMV IDs as arguments to send_message()
Andreas Steffen [Tue, 16 Nov 2010 23:04:10 +0000 (00:04 +0100)]
added IMC and IMV IDs as arguments to send_message()

9 years agoget_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY
Andreas Steffen [Tue, 16 Nov 2010 21:43:48 +0000 (22:43 +0100)]
get_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY

9 years agoinitialize chunks and add debug output
Andreas Steffen [Tue, 16 Nov 2010 21:28:10 +0000 (22:28 +0100)]
initialize chunks and add debug output

9 years agoload IMCs and IMVs with RTLD_LAZY
Andreas Steffen [Tue, 16 Nov 2010 21:14:20 +0000 (22:14 +0100)]
load IMCs and IMVs with RTLD_LAZY

9 years agofixed memory leak
Andreas Steffen [Tue, 16 Nov 2010 20:37:38 +0000 (21:37 +0100)]
fixed memory leak

9 years agoimplement set_attribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 20:07:02 +0000 (21:07 +0100)]
implement set_attribute() callback function

9 years agoimplement GetAttribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 19:14:48 +0000 (20:14 +0100)]
implement GetAttribute() callback function

9 years agocall is_complete() if tls protocol returns with SUCCESS
Andreas Steffen [Tue, 16 Nov 2010 10:52:06 +0000 (11:52 +0100)]
call is_complete() if tls protocol returns with SUCCESS

9 years agoreformulated recommendation policies
Andreas Steffen [Tue, 16 Nov 2010 09:59:53 +0000 (10:59 +0100)]
reformulated recommendation policies

9 years agoDo not checkin a previously destroyed SA
Thomas Egerer [Mon, 15 Nov 2010 17:00:40 +0000 (18:00 +0100)]
Do not checkin a previously destroyed SA

9 years agoRemove obsolete pool_size argument in processor_create()
Martin Willi [Tue, 16 Nov 2010 08:38:39 +0000 (09:38 +0100)]
Remove obsolete pool_size argument in processor_create()

9 years agomutex.h is not needed any more
Andreas Steffen [Tue, 16 Nov 2010 08:15:17 +0000 (09:15 +0100)]
mutex.h is not needed any more

9 years agoimv_list consists of linked imv_t instances
Andreas Steffen [Tue, 16 Nov 2010 08:09:39 +0000 (09:09 +0100)]
imv_list consists of linked imv_t instances

9 years agoimplemented have_recommendation() based on a choice of 3 policies
Andreas Steffen [Mon, 15 Nov 2010 16:38:31 +0000 (17:38 +0100)]
implemented have_recommendation() based on a choice of 3 policies

9 years agolog configured recommendation policy
Andreas Steffen [Sun, 14 Nov 2010 10:29:27 +0000 (11:29 +0100)]
log configured recommendation policy

9 years agoconfigure recommendation policy via strongswan.conf
Andreas Steffen [Sun, 14 Nov 2010 10:23:47 +0000 (11:23 +0100)]
configure recommendation policy via strongswan.conf

9 years agore-establish null pointer if IMC/IMV manager plugin could not be installed
Andreas Steffen [Sun, 14 Nov 2010 08:50:01 +0000 (09:50 +0100)]
re-establish null pointer if IMC/IMV manager plugin could not be installed

9 years agomoved recommendation handling to the tnc_imv plugin
Andreas Steffen [Sat, 13 Nov 2010 09:01:46 +0000 (10:01 +0100)]
moved recommendation handling to the tnc_imv plugin

9 years agoExtend connected peers by peer family
Thomas Egerer [Fri, 12 Nov 2010 10:37:06 +0000 (11:37 +0100)]
Extend connected peers by peer family

This allows for simultanious IPv4 and IPv6 tunnel for same peers with
matching identities.

9 years agoAdded a PKCS#11 module option to enforce OS Locking functions
Martin Willi [Fri, 12 Nov 2010 13:45:09 +0000 (14:45 +0100)]
Added a PKCS#11 module option to enforce OS Locking functions

9 years agoPrint full source route on DBG2 that gets installed
Martin Willi [Thu, 11 Nov 2010 08:59:02 +0000 (09:59 +0100)]
Print full source route on DBG2 that gets installed

9 years agoremoved debug output in IMC bind functions
Andreas Steffen [Thu, 11 Nov 2010 06:51:56 +0000 (07:51 +0100)]
removed debug output in IMC bind functions

9 years agoadded get_preferred_language() to tnc_imc
Andreas Steffen [Thu, 11 Nov 2010 06:30:13 +0000 (07:30 +0100)]
added get_preferred_language() to tnc_imc

9 years agocreated dummy have_recommendation() function
Andreas Steffen [Wed, 10 Nov 2010 21:42:36 +0000 (22:42 +0100)]
created dummy have_recommendation() function

9 years agoimplemented mutex locking the batch in construction
Andreas Steffen [Wed, 10 Nov 2010 21:22:27 +0000 (22:22 +0100)]
implemented mutex locking the batch in construction

9 years agofixed received test message
Andreas Steffen [Wed, 10 Nov 2010 21:02:20 +0000 (22:02 +0100)]
fixed received test message

9 years agoimplemented mutex locking the recommendations list
Andreas Steffen [Wed, 10 Nov 2010 20:53:17 +0000 (21:53 +0100)]
implemented mutex locking the recommendations list

9 years agodisplay ID of registered IMCs/IMVs
Andreas Steffen [Wed, 10 Nov 2010 20:30:50 +0000 (21:30 +0100)]
display ID of registered IMCs/IMVs