strongswan.git
12 years agosplit connections with different virtual IPs in different peer_cfgs
Martin Willi [Tue, 5 Feb 2008 12:39:30 +0000 (12:39 -0000)]
split connections with different virtual IPs in different peer_cfgs
respect different peer_cfg's when initiating a CHILD_SA within an existing IKE_SA

12 years ago * replaced __thread with pthread_key_t/pthread_setspecific
Tobias Brunner [Tue, 5 Feb 2008 09:31:21 +0000 (09:31 -0000)]
 * replaced __thread with pthread_key_t/pthread_setspecific
 * use pthread_once to initialize the request handler

12 years agoEAP-SIM server and client test module added
Andreas Steffen [Mon, 4 Feb 2008 20:55:57 +0000 (20:55 -0000)]
EAP-SIM server and client test module added

12 years agoimplemented IKEV2 EAP-SIM server and client test module that use triplets stored...
Andreas Steffen [Mon, 4 Feb 2008 14:52:06 +0000 (14:52 -0000)]
implemented IKEV2 EAP-SIM server and client test module that use triplets stored in a file. For details see the scenario 'ikev2/rw-eap-sim-rsa'

12 years agouse the new options_t class
Andreas Steffen [Mon, 4 Feb 2008 14:46:43 +0000 (14:46 -0000)]
use the new options_t class

12 years agofixed tabs
Andreas Steffen [Mon, 4 Feb 2008 14:45:50 +0000 (14:45 -0000)]
fixed tabs

12 years agorefactored optionsfrom as in an object-oriented way using the options_t class. Elimin...
Andreas Steffen [Mon, 4 Feb 2008 14:44:14 +0000 (14:44 -0000)]
refactored optionsfrom as in an object-oriented way using the options_t class. Eliminated all memory leaks

12 years agouse identifiers in EAP_SUCCESS/EAP_FAILURE payloads
Martin Willi [Mon, 4 Feb 2008 11:43:10 +0000 (11:43 -0000)]
use identifiers in EAP_SUCCESS/EAP_FAILURE payloads

12 years agoparse signedData object with empty content
Andreas Steffen [Sat, 2 Feb 2008 00:29:03 +0000 (00:29 -0000)]
parse signedData object with empty content

12 years agobuild_signedData() now computes messageDigest attribute
Andreas Steffen [Fri, 1 Feb 2008 22:26:01 +0000 (22:26 -0000)]
build_signedData() now computes messageDigest attribute

12 years agoadded set_messageDigest() and get_messageDigest() methods
Andreas Steffen [Fri, 1 Feb 2008 22:24:51 +0000 (22:24 -0000)]
added set_messageDigest() and get_messageDigest() methods

12 years agoextended and debugged PKCS#7 signedData support
Andreas Steffen [Fri, 1 Feb 2008 14:19:26 +0000 (14:19 -0000)]
extended and debugged PKCS#7 signedData support

12 years agoadded S/MIME capabilities OID
Andreas Steffen [Fri, 1 Feb 2008 10:40:03 +0000 (10:40 -0000)]
added S/MIME capabilities OID

12 years agochanged tabs to 4 spaces
Andreas Steffen [Fri, 1 Feb 2008 01:01:17 +0000 (01:01 -0000)]
changed tabs to 4 spaces

12 years agotwo bug fixes
Andreas Steffen [Fri, 1 Feb 2008 00:15:27 +0000 (00:15 -0000)]
two bug fixes

12 years agonext_payload must be of type u_int8_t
Andreas Steffen [Fri, 1 Feb 2008 00:07:56 +0000 (00:07 -0000)]
next_payload must be of type u_int8_t

12 years agoNAT-T conditions were not inherited during IKE_SA rekeying
Andreas Steffen [Tue, 29 Jan 2008 01:41:47 +0000 (01:41 -0000)]
NAT-T conditions were not inherited during IKE_SA rekeying

12 years agofixed comment
Andreas Steffen [Sun, 27 Jan 2008 20:59:22 +0000 (20:59 -0000)]
fixed comment

12 years agoimplemented pkcs1_encrypt()
Andreas Steffen [Sun, 27 Jan 2008 20:58:52 +0000 (20:58 -0000)]
implemented pkcs1_encrypt()

12 years agofixed padding bug in RSA_encrypt()
Andreas Steffen [Sun, 27 Jan 2008 20:17:15 +0000 (20:17 -0000)]
fixed padding bug in RSA_encrypt()

12 years agoadded RCSID
Andreas Steffen [Tue, 22 Jan 2008 10:52:26 +0000 (10:52 -0000)]
added RCSID

12 years agoadded md2WithRSA algorithm identifier
Andreas Steffen [Tue, 22 Jan 2008 10:52:03 +0000 (10:52 -0000)]
added md2WithRSA algorithm identifier

12 years agoextended asn1_algorithmIdentifier() to SHA-2
Andreas Steffen [Tue, 22 Jan 2008 10:34:44 +0000 (10:34 -0000)]
extended asn1_algorithmIdentifier() to SHA-2

12 years agoextended asn1_algorithmIdentifier() to SHA-2
Andreas Steffen [Tue, 22 Jan 2008 10:32:37 +0000 (10:32 -0000)]
extended asn1_algorithmIdentifier() to SHA-2

12 years agox509_t.build_encoding() now supports any hash algorithm
Andreas Steffen [Tue, 22 Jan 2008 01:32:12 +0000 (01:32 -0000)]
x509_t.build_encoding() now supports any hash algorithm

12 years agofully implemented x509_create()
Andreas Steffen [Tue, 22 Jan 2008 01:09:19 +0000 (01:09 -0000)]
fully implemented x509_create()

12 years agofixed destruction of generalNames linked list
Andreas Steffen [Mon, 21 Jan 2008 22:56:58 +0000 (22:56 -0000)]
fixed destruction of generalNames linked list

12 years agofixed parsing and building of generalNames
Andreas Steffen [Mon, 21 Jan 2008 10:00:13 +0000 (10:00 -0000)]
fixed parsing and building of generalNames

12 years agoimplemented rsa_private_key_t.get_public_key()
Andreas Steffen [Mon, 21 Jan 2008 00:36:38 +0000 (00:36 -0000)]
implemented rsa_private_key_t.get_public_key()

12 years agoadded rsa_public_key_create(mpz_t n, mpz_t e)
Andreas Steffen [Mon, 21 Jan 2008 00:34:41 +0000 (00:34 -0000)]
added rsa_public_key_create(mpz_t n, mpz_t e)

12 years agoadded notBefore and notAfter to x509_create()
Andreas Steffen [Mon, 21 Jan 2008 00:30:26 +0000 (00:30 -0000)]
added notBefore and notAfter to x509_create()

12 years agoadded --with-plugindir option
Andreas Steffen [Sun, 20 Jan 2008 17:57:38 +0000 (17:57 -0000)]
added --with-plugindir option

12 years agoadded missing hasher include
Martin Willi [Thu, 3 Jan 2008 10:42:21 +0000 (10:42 -0000)]
added missing hasher include

12 years agoversion bump to 4.2.0
Andreas Steffen [Mon, 24 Dec 2007 18:07:55 +0000 (18:07 -0000)]
version bump to 4.2.0

12 years agoadd ip xfrm state test for ikev1 transport mode
Andreas Steffen [Wed, 19 Dec 2007 21:02:15 +0000 (21:02 -0000)]
add ip xfrm state test for ikev1 transport mode

12 years agoversion bumps
Andreas Steffen [Wed, 19 Dec 2007 21:01:19 +0000 (21:01 -0000)]
version bumps

12 years agoinclude pipe-thin-green icons in distribution 4.1.10
Andreas Steffen [Wed, 19 Dec 2007 21:00:52 +0000 (21:00 -0000)]
include pipe-thin-green icons in distribution

12 years agoadded a-v-m-c-w-med.png topology graph
Andreas Steffen [Wed, 19 Dec 2007 20:59:54 +0000 (20:59 -0000)]
added a-v-m-c-w-med.png topology graph

12 years agoadded behind-same-nat p2p scenario
Andreas Steffen [Wed, 19 Dec 2007 17:55:08 +0000 (17:55 -0000)]
added behind-same-nat p2p scenario

12 years agoset nexthop default value to 0::0 in IPv6 connections
Andreas Steffen [Wed, 19 Dec 2007 00:49:32 +0000 (00:49 -0000)]
set nexthop default value to 0::0 in IPv6 connections

12 years agoset --enable-eap-aka in UML scenarios
Andreas Steffen [Wed, 19 Dec 2007 00:47:56 +0000 (00:47 -0000)]
set --enable-eap-aka in UML scenarios

12 years agocheck ip xfrm state in IKEv1 and IKEv2 transport mode scenarios
Andreas Steffen [Wed, 19 Dec 2007 00:47:21 +0000 (00:47 -0000)]
check ip xfrm state in IKEv1 and IKEv2 transport mode scenarios

12 years agoadded ipv6 transport mode scenarios for IKEv1 and IKEv2
Andreas Steffen [Wed, 19 Dec 2007 00:45:26 +0000 (00:45 -0000)]
added ipv6 transport mode scenarios for IKEv1 and IKEv2

12 years agoupdated rw-eap-aka-rsa scenario
Andreas Steffen [Wed, 19 Dec 2007 00:11:20 +0000 (00:11 -0000)]
updated rw-eap-aka-rsa scenario

12 years agomake config view in strongSwan manager look similar to ikesa view
Andreas Steffen [Tue, 18 Dec 2007 15:41:37 +0000 (15:41 -0000)]
make config view in strongSwan manager look similar to ikesa view

12 years agofixed EAP-MD5 to accept Name attribute in challenge
Martin Willi [Tue, 18 Dec 2007 10:44:44 +0000 (10:44 -0000)]
fixed EAP-MD5 to accept Name attribute in challenge

12 years agoupdated NEWS
Martin Willi [Thu, 13 Dec 2007 17:52:49 +0000 (17:52 -0000)]
updated NEWS

12 years agoimplemented Expanded EAP types to support vendor specific methods
Martin Willi [Thu, 13 Dec 2007 17:31:21 +0000 (17:31 -0000)]
implemented Expanded EAP types to support vendor specific methods

12 years agofixed actual ID length when AT_IDENTITY gets padded
Martin Willi [Thu, 13 Dec 2007 14:39:38 +0000 (14:39 -0000)]
fixed actual ID length when AT_IDENTITY gets padded

12 years agoported EAP-AKA branch into trunk
Martin Willi [Thu, 13 Dec 2007 10:54:29 +0000 (10:54 -0000)]
ported EAP-AKA branch into trunk

12 years agosbindir is required in the PATH of ipsec
Andreas Steffen [Wed, 12 Dec 2007 22:27:40 +0000 (22:27 -0000)]
sbindir is required in the PATH of ipsec

12 years agosbindir is required in the PATH of _updown
Andreas Steffen [Wed, 12 Dec 2007 22:12:10 +0000 (22:12 -0000)]
sbindir is required in the PATH of _updown

12 years agoadded ocsp cache bug fix to NEWS
Andreas Steffen [Wed, 12 Dec 2007 21:03:17 +0000 (21:03 -0000)]
added ocsp cache bug fix to NEWS

12 years agofixed error in the ordering of the certinfo_t records in the ocsp cache that caused...
Andreas Steffen [Wed, 12 Dec 2007 20:25:50 +0000 (20:25 -0000)]
fixed error in the ordering of the certinfo_t records in the ocsp cache that caused multiple entries of the same serial number to be created. This was caused by the iterator_t method insert_after() that inserts a record in the first instead of the last position of a linked list if the end of the list is reached. Fix: use linked_list_t method insert_last() instead.

12 years agodefine a minimum PATH environment
Andreas Steffen [Wed, 12 Dec 2007 14:56:35 +0000 (14:56 -0000)]
define a minimum PATH environment

12 years agoaligned error messages
Andreas Steffen [Wed, 12 Dec 2007 14:54:28 +0000 (14:54 -0000)]
aligned error messages

12 years agomerged EAP-MD5 into trunk
Martin Willi [Wed, 12 Dec 2007 14:29:10 +0000 (14:29 -0000)]
merged EAP-MD5 into trunk

12 years agoaccept unknown attributes in config payloads
Martin Willi [Sun, 9 Dec 2007 19:43:41 +0000 (19:43 -0000)]
accept unknown attributes in config payloads

12 years agofixed build when using --disable-pluto
Martin Willi [Fri, 7 Dec 2007 10:25:01 +0000 (10:25 -0000)]
fixed build when using --disable-pluto

12 years agoversion bump to 4.1.10
Andreas Steffen [Tue, 4 Dec 2007 23:54:32 +0000 (23:54 -0000)]
version bump to 4.1.10

12 years agoremoved c++ style comments 4.1.9
Martin Willi [Tue, 4 Dec 2007 10:48:27 +0000 (10:48 -0000)]
removed c++ style comments
fixed compiler warnings

12 years agofixed mobike/auth_lifetime in conjunction with p2p-natt
Martin Willi [Tue, 4 Dec 2007 10:05:36 +0000 (10:05 -0000)]
fixed mobike/auth_lifetime in conjunction with p2p-natt

12 years agoremoved redundant server reflexive endpoint debug message
Andreas Steffen [Tue, 4 Dec 2007 00:45:00 +0000 (00:45 -0000)]
removed redundant server reflexive endpoint debug message

12 years agoadded brackets in PKG_CHECK_MODULES
Andreas Steffen [Mon, 3 Dec 2007 23:12:39 +0000 (23:12 -0000)]
added brackets in PKG_CHECK_MODULES

12 years agoimproved P2P_ENDPOINT debugging
Andreas Steffen [Mon, 3 Dec 2007 23:06:17 +0000 (23:06 -0000)]
improved P2P_ENDPOINT debugging

12 years agoupdated NEWS
Martin Willi [Mon, 3 Dec 2007 14:48:04 +0000 (14:48 -0000)]
updated NEWS

12 years agoadded more ./configure build options for
Martin Willi [Mon, 3 Dec 2007 14:47:15 +0000 (14:47 -0000)]
added more ./configure build options for
  EAP-Identity module
  ipsec tools (openac, scepclient)
  optional charon/pluto build
  charon stroke interface

12 years agomoved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload...
Martin Willi [Mon, 3 Dec 2007 10:52:18 +0000 (10:52 -0000)]
moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload order)

12 years agoadded a "libcharon-" prefix to plugins to avoid conflicts
Martin Willi [Mon, 3 Dec 2007 09:03:22 +0000 (09:03 -0000)]
added a "libcharon-" prefix to plugins to avoid conflicts

12 years agosome return code changes proposed by Marius Tomaschewski
Andreas Steffen [Thu, 29 Nov 2007 18:27:04 +0000 (18:27 -0000)]
some return code changes proposed by Marius Tomaschewski

12 years agoipsec and starter exit with LSB-compliant return codes
Andreas Steffen [Wed, 28 Nov 2007 17:02:12 +0000 (17:02 -0000)]
ipsec and starter exit with LSB-compliant return codes

12 years agobob is passive responder in p2pnat scenario
Andreas Steffen [Mon, 26 Nov 2007 22:24:08 +0000 (22:24 -0000)]
bob is passive responder in p2pnat scenario

12 years agosocket_t implementation withouth raw sockets
Martin Willi [Mon, 26 Nov 2007 11:20:00 +0000 (11:20 -0000)]
socket_t implementation withouth raw sockets
  --disable-raw-socket configure option
  prevents charon/pluto to run in parallel

12 years agoadded USE_P2P UML compile option
Andreas Steffen [Mon, 26 Nov 2007 00:29:52 +0000 (00:29 -0000)]
added USE_P2P UML compile option

12 years agoadded a-m-c-w-s-b-med.png topology graph
Andreas Steffen [Mon, 26 Nov 2007 00:28:29 +0000 (00:28 -0000)]
added a-m-c-w-s-b-med.png topology graph

12 years agoadded p2pnat/medsrv-psk scenario
Andreas Steffen [Mon, 26 Nov 2007 00:25:22 +0000 (00:25 -0000)]
added p2pnat/medsrv-psk scenario

12 years agoadded two scenarios testing repeated authentication (RFC 4478)
Andreas Steffen [Sun, 25 Nov 2007 15:47:58 +0000 (15:47 -0000)]
added two scenarios testing repeated authentication (RFC 4478)

12 years agoimproving [3361]: moved one of the added return values
Tobias Brunner [Thu, 22 Nov 2007 11:22:33 +0000 (11:22 -0000)]
improving [3361]: moved one of the added return values

12 years agoadded two return statements comitted by Marius Tomaschewski
Andreas Steffen [Wed, 21 Nov 2007 23:42:27 +0000 (23:42 -0000)]
added two return statements comitted by Marius Tomaschewski

12 years agoversion bump to uml linux kernel 2.6.23.8
Andreas Steffen [Wed, 21 Nov 2007 23:30:28 +0000 (23:30 -0000)]
version bump to uml linux kernel 2.6.23.8

12 years agonew IPv6 scenarios were added
Andreas Steffen [Wed, 21 Nov 2007 00:53:14 +0000 (00:53 -0000)]
new IPv6 scenarios were added

12 years agoupdated TODO
Martin Willi [Tue, 20 Nov 2007 12:26:37 +0000 (12:26 -0000)]
updated TODO

12 years agoupdated NEWS
Martin Willi [Tue, 20 Nov 2007 12:23:39 +0000 (12:23 -0000)]
updated NEWS

12 years agoimplemented RFC4478 (repeated authentication)
Martin Willi [Tue, 20 Nov 2007 12:06:40 +0000 (12:06 -0000)]
implemented RFC4478 (repeated authentication)
changed %V printf handler to take a time delta, %#V now takes two arguments

12 years agofixed callback_job cancellation for threads waiting in the bus
Martin Willi [Mon, 19 Nov 2007 12:32:28 +0000 (12:32 -0000)]
fixed callback_job cancellation for threads waiting in the bus

12 years agofixed memrchr compiler warning
Martin Willi [Mon, 19 Nov 2007 12:27:08 +0000 (12:27 -0000)]
fixed memrchr compiler warning

12 years agofixed two leaks in stroke_interface
Martin Willi [Mon, 19 Nov 2007 11:28:11 +0000 (11:28 -0000)]
fixed two leaks in stroke_interface

12 years agoindentation of list.cs
Andreas Steffen [Sun, 18 Nov 2007 20:59:46 +0000 (20:59 -0000)]
indentation of list.cs

12 years agohandle right=%any case in strongSwan manager
Andreas Steffen [Sat, 17 Nov 2007 23:08:16 +0000 (23:08 -0000)]
handle right=%any case in strongSwan manager

12 years agofixed typo in iptables script
Andreas Steffen [Fri, 16 Nov 2007 22:45:47 +0000 (22:45 -0000)]
fixed typo in iptables script

12 years agoadded rw-psk-ikev2 scenario
Andreas Steffen [Fri, 16 Nov 2007 20:25:26 +0000 (20:25 -0000)]
added rw-psk-ikev2 scenario

12 years agoadded rw-psk-ikev1 scenario
Andreas Steffen [Fri, 16 Nov 2007 20:25:15 +0000 (20:25 -0000)]
added rw-psk-ikev1 scenario

12 years agosearch : delimiter in ipsec.secrets entries from the rear
Andreas Steffen [Fri, 16 Nov 2007 20:23:29 +0000 (20:23 -0000)]
search : delimiter in ipsec.secrets entries from the rear

12 years agorefactored bus and interface to resolve threading issues (WIP)
Martin Willi [Thu, 15 Nov 2007 18:35:54 +0000 (18:35 -0000)]
refactored bus and interface to resolve threading issues (WIP)

12 years agobe less agressive, but more verbose in killing charon
Martin Willi [Thu, 15 Nov 2007 18:34:05 +0000 (18:34 -0000)]
be less agressive, but more verbose in killing charon

12 years agoadded IKE IP addresses to config list for manager
Martin Willi [Thu, 15 Nov 2007 10:09:48 +0000 (10:09 -0000)]
added IKE IP addresses to config list for manager

12 years agofiltering out IKEv1 configurations for manager
Martin Willi [Thu, 15 Nov 2007 10:09:14 +0000 (10:09 -0000)]
filtering out IKEv1 configurations for manager

12 years agofixed daemon kill before threads are spawned
Martin Willi [Wed, 14 Nov 2007 10:12:34 +0000 (10:12 -0000)]
fixed daemon kill before threads are spawned

12 years agofixed NO_PROPOSAL_CHOSEN response on IKE_SA_INIT
Martin Willi [Wed, 14 Nov 2007 09:41:08 +0000 (09:41 -0000)]
fixed NO_PROPOSAL_CHOSEN response on IKE_SA_INIT

12 years agochanged session timeout to 15 minutes
Martin Willi [Tue, 13 Nov 2007 12:00:02 +0000 (12:00 -0000)]
changed session timeout to 15 minutes