strongswan.git
13 years agoadded
Andreas Steffen [Wed, 7 Mar 2007 14:12:36 +0000 (14:12 -0000)]
added

13 years agocorrected @ingroup to utils
Andreas Steffen [Wed, 7 Mar 2007 14:11:47 +0000 (14:11 -0000)]
corrected @ingroup to utils

13 years agocorrected comment
Andreas Steffen [Wed, 7 Mar 2007 14:11:02 +0000 (14:11 -0000)]
corrected comment

13 years agostart ocsp checking only if there are any ocspuris present
Andreas Steffen [Wed, 7 Mar 2007 13:22:07 +0000 (13:22 -0000)]
start ocsp checking only if there are any ocspuris present

13 years agoconntrack -F is used to flush the NAT states
Andreas Steffen [Wed, 7 Mar 2007 04:45:12 +0000 (04:45 -0000)]
conntrack -F is used to flush the NAT states

13 years agothe hostaccess=yes parameters are not needed anymore
Andreas Steffen [Wed, 7 Mar 2007 04:44:25 +0000 (04:44 -0000)]
the hostaccess=yes parameters are not needed anymore

13 years agouse conntrack -F to flush NAT states
Andreas Steffen [Wed, 7 Mar 2007 04:29:13 +0000 (04:29 -0000)]
use conntrack -F to flush NAT states

13 years agoreplaced actual virtual IP addresses by symbolic ones
Andreas Steffen [Wed, 7 Mar 2007 04:28:34 +0000 (04:28 -0000)]
replaced actual virtual IP addresses by symbolic ones

13 years agoremoved unnecessary double quotes
Andreas Steffen [Wed, 7 Mar 2007 04:27:32 +0000 (04:27 -0000)]
removed unnecessary double quotes

13 years agononce in ocsp_t was not properly initialized
Andreas Steffen [Wed, 7 Mar 2007 04:22:21 +0000 (04:22 -0000)]
nonce in ocsp_t was not properly initialized

13 years agoocsp request is now fully built but without requestor signature
Andreas Steffen [Wed, 7 Mar 2007 03:39:40 +0000 (03:39 -0000)]
ocsp request is now fully built but without requestor signature

13 years agostarting to build ocsp request
Andreas Steffen [Tue, 6 Mar 2007 23:05:44 +0000 (23:05 -0000)]
starting to build ocsp request

13 years agoprevent from initiating multiple exchanges the same time
Martin Willi [Tue, 6 Mar 2007 22:17:53 +0000 (22:17 -0000)]
prevent from initiating  multiple exchanges the same time

13 years agoupdated apidoc documentation
Martin Willi [Tue, 6 Mar 2007 22:17:21 +0000 (22:17 -0000)]
updated apidoc documentation

13 years agofixed notify handling in IKE_AUTH
Martin Willi [Tue, 6 Mar 2007 20:58:39 +0000 (20:58 -0000)]
fixed notify handling in IKE_AUTH
moved nonce payload before TS in CHILD_SA setup

13 years agomoved REKEY_SA notify to the beginning of the message
Martin Willi [Tue, 6 Mar 2007 20:56:58 +0000 (20:56 -0000)]
moved REKEY_SA notify to the beginning of the message

13 years agofixed traffic selector redundancy removal code (not completely tested)
Martin Willi [Tue, 6 Mar 2007 20:55:19 +0000 (20:55 -0000)]
fixed traffic selector redundancy removal code (not completely tested)

13 years agoadd crl and ocsp uris to linked list after partial verification
Andreas Steffen [Tue, 6 Mar 2007 18:51:56 +0000 (18:51 -0000)]
add crl and ocsp uris to linked list after partial verification

13 years agoadded print hook for certinfo_t printing
Andreas Steffen [Tue, 6 Mar 2007 14:27:34 +0000 (14:27 -0000)]
added print hook for certinfo_t printing

13 years agofixed typo
Andreas Steffen [Tue, 6 Mar 2007 14:26:03 +0000 (14:26 -0000)]
fixed typo

13 years agosending an SPI of 0 as responder when IKE_SA_INIT fails
Martin Willi [Tue, 6 Mar 2007 13:06:47 +0000 (13:06 -0000)]
sending an SPI of 0 as responder when IKE_SA_INIT fails

13 years agoiterate certinfos linked list for matching serialNumber
Andreas Steffen [Mon, 5 Mar 2007 22:08:48 +0000 (22:08 -0000)]
iterate certinfos linked list for matching serialNumber

13 years agosome cleanups
Martin Willi [Mon, 5 Mar 2007 22:07:36 +0000 (22:07 -0000)]
some cleanups
not assigning %any virtual IPs to peer anymore

13 years agofixed double free bug
Martin Willi [Mon, 5 Mar 2007 22:02:14 +0000 (22:02 -0000)]
fixed double free bug

13 years agoadded
Andreas Steffen [Mon, 5 Mar 2007 19:15:33 +0000 (19:15 -0000)]
added

13 years agofixed ID selection bug when peer doesn't include IDr payload
Martin Willi [Mon, 5 Mar 2007 15:22:50 +0000 (15:22 -0000)]
fixed ID selection bug when peer doesn't include IDr payload
allowing vendor ID in any messag

13 years agomoved listing of crls to local_credential_store and ca
Andreas Steffen [Sat, 3 Mar 2007 21:10:22 +0000 (21:10 -0000)]
moved listing of crls to local_credential_store and ca

13 years agorefactored ca_info_t
Andreas Steffen [Sat, 3 Mar 2007 21:08:07 +0000 (21:08 -0000)]
refactored ca_info_t

13 years agorefactored ca_info_t
Andreas Steffen [Sat, 3 Mar 2007 21:07:23 +0000 (21:07 -0000)]
refactored ca_info_t

13 years agofixed netlink socket receiver code
Martin Willi [Sat, 3 Mar 2007 14:56:24 +0000 (14:56 -0000)]
fixed netlink socket receiver code
implemented interface enumeration code with netlink: no getifaddrs reqired anymore

13 years agorefactored kernel interface, works reliable again
Martin Willi [Sat, 3 Mar 2007 13:04:07 +0000 (13:04 -0000)]
refactored kernel interface, works reliable again

13 years agoimplemented get_iface() using RTM_GETADDR
Martin Willi [Fri, 2 Mar 2007 17:08:38 +0000 (17:08 -0000)]
implemented get_iface() using RTM_GETADDR
added support for multi-header netlink messages
really ugly now, need a lot of refactoring

13 years agoadded debuggin for interface lookup
Martin Willi [Thu, 1 Mar 2007 12:53:20 +0000 (12:53 -0000)]
added debuggin for interface lookup

13 years agofixed address lookup when !using getifaddrs()
Martin Willi [Thu, 1 Mar 2007 12:35:21 +0000 (12:35 -0000)]
fixed address lookup when !using getifaddrs()

13 years agoadded firewalling support when using virtual IPs
Martin Willi [Thu, 1 Mar 2007 12:31:58 +0000 (12:31 -0000)]
added firewalling support when using virtual IPs

13 years agoadded support for 0.0.0.0/0 traffic selectors
Martin Willi [Thu, 1 Mar 2007 11:42:08 +0000 (11:42 -0000)]
added support for 0.0.0.0/0 traffic selectors
fixed routing to make correct 0.0.0.0/0 routes

13 years agoconfig-payload scenario fixes
Andreas Steffen [Thu, 1 Mar 2007 08:20:50 +0000 (08:20 -0000)]
config-payload scenario fixes

13 years agopreparations for PLUTO_MY_SOURCEIP
Andreas Steffen [Thu, 1 Mar 2007 07:45:43 +0000 (07:45 -0000)]
preparations for PLUTO_MY_SOURCEIP

13 years agocorrected typo
Andreas Steffen [Thu, 1 Mar 2007 00:00:35 +0000 (00:00 -0000)]
corrected typo

13 years agoadded cert with OCSP access info
Andreas Steffen [Wed, 28 Feb 2007 23:25:13 +0000 (23:25 -0000)]
added cert with OCSP access info

13 years agodpd now takes 180 s and 5 retransmits
Andreas Steffen [Wed, 28 Feb 2007 23:19:20 +0000 (23:19 -0000)]
dpd now takes 180 s and 5 retransmits

13 years agochanged grep to creating aquire job for CHILD SA
Andreas Steffen [Wed, 28 Feb 2007 23:02:40 +0000 (23:02 -0000)]
changed grep to creating aquire job for CHILD SA

13 years agoreplaced actual virtual IPs by place holders 4.0.7
Andreas Steffen [Wed, 28 Feb 2007 22:38:49 +0000 (22:38 -0000)]
replaced actual virtual IPs by place holders

13 years agovirtual-ip scenario has been replaces by config-payload scenario
Andreas Steffen [Wed, 28 Feb 2007 22:21:58 +0000 (22:21 -0000)]
virtual-ip scenario has been replaces by config-payload scenario

13 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 22:16:23 +0000 (22:16 -0000)]
added

13 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 22:16:16 +0000 (22:16 -0000)]
added

13 years agoadded ocsp.h and ocsp.c
Andreas Steffen [Wed, 28 Feb 2007 20:31:07 +0000 (20:31 -0000)]
added ocsp.h and ocsp.c

13 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 20:30:44 +0000 (20:30 -0000)]
added

13 years agovirtual ip uml test
Tobias Brunner [Wed, 28 Feb 2007 15:20:10 +0000 (15:20 -0000)]
virtual ip uml test

13 years agofixed reauthentication when connections other is %any
Martin Willi [Wed, 28 Feb 2007 14:17:31 +0000 (14:17 -0000)]
fixed reauthentication when connections other is %any

13 years agomerged tasking branch into trunk
Martin Willi [Wed, 28 Feb 2007 14:04:36 +0000 (14:04 -0000)]
merged tasking branch into trunk

13 years agofixed big endian bug in md5 hasher
Martin Willi [Wed, 28 Feb 2007 07:20:16 +0000 (07:20 -0000)]
fixed big endian bug in md5 hasher

13 years agocosmetics
Andreas Steffen [Tue, 27 Feb 2007 22:05:49 +0000 (22:05 -0000)]
cosmetics

13 years agoadded once flag to certinfo_t
Andreas Steffen [Tue, 27 Feb 2007 21:23:51 +0000 (21:23 -0000)]
added once flag to certinfo_t

13 years agocosmetics
Andreas Steffen [Tue, 27 Feb 2007 21:22:57 +0000 (21:22 -0000)]
cosmetics

13 years agoadded certinfos linked list
Andreas Steffen [Tue, 27 Feb 2007 21:21:54 +0000 (21:21 -0000)]
added certinfos linked list

13 years agochanged ca info to ca
Andreas Steffen [Sun, 25 Feb 2007 18:47:09 +0000 (18:47 -0000)]
changed ca info to ca

13 years agosupport of ca info sections
Andreas Steffen [Sun, 25 Feb 2007 08:18:11 +0000 (08:18 -0000)]
support of ca info sections

13 years agoadded support of OCSP accessLocations
Andreas Steffen [Sun, 25 Feb 2007 08:15:46 +0000 (08:15 -0000)]
added support of OCSP accessLocations

13 years agocorrect interface definition
Andreas Steffen [Sun, 25 Feb 2007 08:15:38 +0000 (08:15 -0000)]
correct interface definition

13 years agoadded support of OCSP accessLocations
Andreas Steffen [Sun, 25 Feb 2007 08:14:50 +0000 (08:14 -0000)]
added support of OCSP accessLocations

13 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:21:57 +0000 (23:21 -0000)]
full support of ca info records

13 years agoadded the create_crluri_iterator method
Andreas Steffen [Sat, 24 Feb 2007 23:21:45 +0000 (23:21 -0000)]
added the create_crluri_iterator method

13 years agoreplace ca is realized as del_ca followed by add_ca
Andreas Steffen [Sat, 24 Feb 2007 23:20:27 +0000 (23:20 -0000)]
replace ca is realized as del_ca followed by add_ca

13 years agolast CA keyword is KW_OCSPURI2
Andreas Steffen [Sat, 24 Feb 2007 23:19:28 +0000 (23:19 -0000)]
last CA keyword is KW_OCSPURI2

13 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:18:31 +0000 (23:18 -0000)]
full support of ca info records

13 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:18:08 +0000 (23:18 -0000)]
full support of ca info records

13 years agoalphabetically sorting print commands
Andreas Steffen [Sat, 24 Feb 2007 00:35:23 +0000 (00:35 -0000)]
alphabetically sorting print commands

13 years agolisting ca_info items
Andreas Steffen [Sat, 24 Feb 2007 00:34:44 +0000 (00:34 -0000)]
listing ca_info items

13 years agoreplace printf.h by stdio.h
Andreas Steffen [Sat, 24 Feb 2007 00:34:17 +0000 (00:34 -0000)]
replace printf.h by stdio.h

13 years agoaddin get_keyid() method
Andreas Steffen [Sat, 24 Feb 2007 00:33:48 +0000 (00:33 -0000)]
addin get_keyid() method

13 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:15:31 +0000 (15:15 -0000)]
support of ca info records

13 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:14:59 +0000 (15:14 -0000)]
support of ca info records

13 years agoversion bump to 4.0.8
Andreas Steffen [Fri, 23 Feb 2007 15:14:21 +0000 (15:14 -0000)]
version bump to 4.0.8

13 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:13:33 +0000 (15:13 -0000)]
support of ca info records

13 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:13:21 +0000 (15:13 -0000)]
support of ca info records

13 years agotypo
Andreas Steffen [Wed, 21 Feb 2007 23:08:35 +0000 (23:08 -0000)]
typo

13 years agoSHA512-HMAC bug fix and hash function self-test support
Andreas Steffen [Wed, 21 Feb 2007 13:10:24 +0000 (13:10 -0000)]
SHA512-HMAC bug fix and hash function self-test support

13 years agoSHA512-HMAC bug fix and hash function self-test support
Andreas Steffen [Wed, 21 Feb 2007 13:10:08 +0000 (13:10 -0000)]
SHA512-HMAC bug fix and hash function self-test support

13 years agohandle strong SHA-2 signatures in X.509 certificates
Andreas Steffen [Wed, 21 Feb 2007 13:08:45 +0000 (13:08 -0000)]
handle strong SHA-2 signatures in X.509 certificates

13 years agoSHA-2 fixes and add-ons
Andreas Steffen [Wed, 21 Feb 2007 13:07:39 +0000 (13:07 -0000)]
SHA-2 fixes and add-ons

13 years agoversion bumps
Andreas Steffen [Wed, 21 Feb 2007 13:07:09 +0000 (13:07 -0000)]
version bumps

13 years agoremove strong certs and keys after test
Andreas Steffen [Wed, 21 Feb 2007 13:06:26 +0000 (13:06 -0000)]
remove strong certs and keys after test

13 years agoadded
Andreas Steffen [Wed, 21 Feb 2007 13:05:53 +0000 (13:05 -0000)]
added

13 years agousing "left" as my host per default, swapping to "right" when needed
Martin Willi [Thu, 15 Feb 2007 12:13:18 +0000 (12:13 -0000)]
using "left" as my host per default, swapping to "right" when needed

13 years agorespecting source address when sending packets
Martin Willi [Thu, 15 Feb 2007 11:35:10 +0000 (11:35 -0000)]
respecting source address when sending packets

13 years agoadded PRINT_CAINFO hook
Andreas Steffen [Wed, 14 Feb 2007 10:54:39 +0000 (10:54 -0000)]
added PRINT_CAINFO hook

13 years agostroke now recognizes the keywords listocspcerts|cainfos|ocsp, rereadocspcerts and...
Andreas Steffen [Wed, 14 Feb 2007 01:08:41 +0000 (01:08 -0000)]
stroke now recognizes the keywords listocspcerts|cainfos|ocsp, rereadocspcerts and purgeocsp

13 years agoenable IP forwarding
Andreas Steffen [Wed, 14 Feb 2007 01:05:58 +0000 (01:05 -0000)]
enable IP forwarding

13 years agoprepared support of ca information records and ocsp functionality
Andreas Steffen [Wed, 14 Feb 2007 01:04:46 +0000 (01:04 -0000)]
prepared support of ca information records and ocsp functionality

13 years agoadded support of ca information records and ocsp keywords
Andreas Steffen [Wed, 14 Feb 2007 01:03:08 +0000 (01:03 -0000)]
added support of ca information records and ocsp keywords

13 years agoenabled adding and deleting ca information records
Andreas Steffen [Wed, 14 Feb 2007 01:02:09 +0000 (01:02 -0000)]
enabled adding and deleting ca information records

13 years agofixed starter crash due to freeing default IPSEC_EAPDIR string
Andreas Steffen [Wed, 14 Feb 2007 00:56:58 +0000 (00:56 -0000)]
fixed starter crash due to freeing default IPSEC_EAPDIR string

13 years agoadd --eapdir option only if defined in ipsec.conf
Andreas Steffen [Wed, 14 Feb 2007 00:53:45 +0000 (00:53 -0000)]
add --eapdir option only if defined in ipsec.conf

13 years agoremoved eap aka module due nda
Martin Willi [Tue, 13 Feb 2007 15:19:30 +0000 (15:19 -0000)]
removed eap aka module due nda

13 years agomerged EAP framework from branch into trunk
Martin Willi [Mon, 12 Feb 2007 15:56:47 +0000 (15:56 -0000)]
merged EAP framework from branch into trunk
includes a lot of other modifications

13 years ago%T requires time_t ptr
Andreas Steffen [Thu, 8 Feb 2007 17:59:37 +0000 (17:59 -0000)]
%T requires time_t ptr

13 years agoremoved my time_t printf handler patch, applied the one of andreas (64bit save)
Martin Willi [Thu, 8 Feb 2007 15:22:21 +0000 (15:22 -0000)]
removed my time_t printf handler patch, applied the one of andreas (64bit save)

13 years agofixed printf() hooks for time
Martin Willi [Thu, 8 Feb 2007 14:31:59 +0000 (14:31 -0000)]
fixed printf() hooks for time

13 years agoadded support for NULL encryption in ESP
Martin Willi [Thu, 8 Feb 2007 13:54:42 +0000 (13:54 -0000)]
added support for NULL encryption in ESP