strongswan.git
9 years agoInsert certificates and secrets at the front of the lists.
Tobias Brunner [Mon, 22 Nov 2010 12:31:07 +0000 (13:31 +0100)]
Insert certificates and secrets at the front of the lists.

As the lookup is also from front to back, certificates added later are
now found first, which is useful in case of e.g. "reread cacerts".

9 years agoRefactored stroke_cred_t to use mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:37:11 +0000 (17:37 +0100)]
Refactored stroke_cred_t to use mem_cred_t.

9 years agoFunction add_crl added to mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:28:46 +0000 (17:28 +0100)]
Function add_crl added to mem_cred_t.

9 years agoFunction added to clear secrets (but not certs) from mem_cred_t.
Tobias Brunner [Fri, 19 Nov 2010 16:28:12 +0000 (17:28 +0100)]
Function added to clear secrets (but not certs) from mem_cred_t.

9 years agoAlternative to mem_cred_t.add_cert added, which returns the certificate.
Tobias Brunner [Fri, 19 Nov 2010 16:26:33 +0000 (17:26 +0100)]
Alternative to mem_cred_t.add_cert added, which returns the certificate.

If the certificate is already cached, the cached version is returned.

9 years agoFunction added to mem_cred_t to add shared secret with a linked list of owners.
Tobias Brunner [Fri, 19 Nov 2010 16:21:00 +0000 (17:21 +0100)]
Function added to mem_cred_t to add shared secret with a linked list of owners.

9 years agoAdded functions to modify/create settings in settings_t.
Tobias Brunner [Thu, 18 Nov 2010 12:59:29 +0000 (13:59 +0100)]
Added functions to modify/create settings in settings_t.

9 years agoAdded an option to create non-existing key/value pairs during search.
Tobias Brunner [Thu, 18 Nov 2010 12:55:44 +0000 (13:55 +0100)]
Added an option to create non-existing key/value pairs during search.

9 years agoCompare shorter "boolean" values first.
Tobias Brunner [Thu, 18 Nov 2010 12:47:43 +0000 (13:47 +0100)]
Compare shorter "boolean" values first.

9 years agoHelper functions added to easily convert enumerated values.
Tobias Brunner [Mon, 15 Nov 2010 12:07:10 +0000 (13:07 +0100)]
Helper functions added to easily convert enumerated values.

9 years agoEnsure that sections exist when using load_files_section.
Tobias Brunner [Fri, 12 Nov 2010 16:35:04 +0000 (17:35 +0100)]
Ensure that sections exist when using load_files_section.

9 years agoSkip values and sections without key.
Tobias Brunner [Fri, 12 Nov 2010 14:34:33 +0000 (15:34 +0100)]
Skip values and sections without key.

9 years agoSome refactorings in lookup code in settings_t.
Tobias Brunner [Fri, 12 Nov 2010 13:29:09 +0000 (14:29 +0100)]
Some refactorings in lookup code in settings_t.

9 years agoAdded documentation about new features of settings_t.
Tobias Brunner [Fri, 12 Nov 2010 12:51:28 +0000 (13:51 +0100)]
Added documentation about new features of settings_t.

9 years agoMade settings_t thread-safe.
Tobias Brunner [Fri, 12 Nov 2010 10:55:21 +0000 (11:55 +0100)]
Made settings_t thread-safe.

9 years agoAdded functions to settings_t to load files dynamically at runtime.
Tobias Brunner [Fri, 12 Nov 2010 10:20:29 +0000 (11:20 +0100)]
Added functions to settings_t to load files dynamically at runtime.

9 years agoAllow inclusion of other files in strongswan.conf.
Tobias Brunner [Thu, 11 Nov 2010 15:43:09 +0000 (16:43 +0100)]
Allow inclusion of other files in strongswan.conf.

9 years agoLoading of strongswan.conf refactored to a separate function.
Tobias Brunner [Thu, 11 Nov 2010 15:15:38 +0000 (16:15 +0100)]
Loading of strongswan.conf refactored to a separate function.

9 years agoAllow to replace/extend previously defined values/sections in strongswan.conf.
Tobias Brunner [Thu, 11 Nov 2010 15:02:30 +0000 (16:02 +0100)]
Allow to replace/extend previously defined values/sections in strongswan.conf.

9 years agoDon't create a section in parse_section.
Tobias Brunner [Thu, 11 Nov 2010 14:21:25 +0000 (15:21 +0100)]
Don't create a section in parse_section.

Just add subsections and values to the passed section.

9 years agoRemoved unused static variable "lev".
Tobias Brunner [Thu, 11 Nov 2010 12:04:25 +0000 (13:04 +0100)]
Removed unused static variable "lev".

9 years agoAvoid calling globfree twice on failure.
Tobias Brunner [Thu, 11 Nov 2010 11:52:48 +0000 (12:52 +0100)]
Avoid calling globfree twice on failure.

9 years agoremoved superfluous whitespace
Andreas Steffen [Fri, 3 Dec 2010 10:26:13 +0000 (11:26 +0100)]
removed superfluous whitespace

9 years agoPB-TNC messages implemented
Sansar Choinyambuu [Fri, 3 Dec 2010 09:22:51 +0000 (10:22 +0100)]
PB-TNC messages implemented

9 years agoMigrated asn1_parser_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 21:12:02 +0000 (22:12 +0100)]
Migrated asn1_parser_t to INIT/METHOD macros

9 years agoMigrated settings_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:25:59 +0000 (06:25 +0100)]
Migrated settings_t to INIT/METHOD macros

9 years agoMigrated printf_hook_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:17:24 +0000 (06:17 +0100)]
Migrated printf_hook_t to INIT/METHOD macros

9 years agoMigrated integrity_checker_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:10:50 +0000 (06:10 +0100)]
Migrated integrity_checker_t to INIT/METHOD macros

9 years agoadded SQL database extensions to NEWS
Andreas Steffen [Wed, 1 Dec 2010 09:09:21 +0000 (10:09 +0100)]
added SQL database extensions to NEWS

9 years agoversion bump to 4.5.1dr2
Andreas Steffen [Wed, 1 Dec 2010 09:08:49 +0000 (10:08 +0100)]
version bump to 4.5.1dr2

9 years agouse a composite test proposal
Andreas Steffen [Wed, 1 Dec 2010 09:05:28 +0000 (10:05 +0100)]
use a composite test proposal

9 years agocheck for malformed IKE and ESP proposals
Andreas Steffen [Wed, 1 Dec 2010 08:50:30 +0000 (09:50 +0100)]
check for malformed IKE and ESP proposals

9 years agoMigrated sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:31:24 +0000 (23:31 +0100)]
Migrated sql_plugin_t to INIT/METHOD macros

9 years agoMigrated sql_config_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:27:51 +0000 (23:27 +0100)]
Migrated sql_config_t to INIT/METHOD macros

9 years agorenamed algorithm to proposal
Andreas Steffen [Tue, 30 Nov 2010 16:38:49 +0000 (17:38 +0100)]
renamed algorithm to proposal

9 years agostore IKE and ESP proposals in SQL database
Andreas Steffen [Tue, 30 Nov 2010 16:03:21 +0000 (17:03 +0100)]
store IKE and ESP proposals in SQL database

9 years agoconfigured various DPD modes in sql scenarios
Andreas Steffen [Sun, 28 Nov 2010 16:41:27 +0000 (17:41 +0100)]
configured various DPD modes in sql scenarios

9 years agoadded sql/net2net-route-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:44 +0000 (12:00 +0100)]
added sql/net2net-route-pem scenario

9 years agoadded sql/net2net-start-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:19 +0000 (12:00 +0100)]
added sql/net2net-start-pem scenario

9 years agostart and route connections defined in an SQL database via start_action field and...
Andreas Steffen [Sun, 28 Nov 2010 10:57:49 +0000 (11:57 +0100)]
start and route connections defined in an SQL database via start_action field and ipsec up %startall command

9 years agoversion bump to 4.5.1dr1
Andreas Steffen [Sun, 28 Nov 2010 10:55:40 +0000 (11:55 +0100)]
version bump to 4.5.1dr1

9 years agoMigrated stroke_config_t to INIT/METHOD macros
Andreas Steffen [Sat, 27 Nov 2010 00:12:58 +0000 (01:12 +0100)]
Migrated stroke_config_t to INIT/METHOD macros

9 years agoMigrated stroke_cat_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 23:49:15 +0000 (00:49 +0100)]
Migrated stroke_cat_t to INIT/METHOD macros

9 years agoMigrated child_cfg_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 15:32:15 +0000 (16:32 +0100)]
Migrated child_cfg_t to INIT/METHOD macros

9 years agoMerge branch 'master' of git.strongswan.org:strongswan
Andreas Steffen [Fri, 26 Nov 2010 13:07:18 +0000 (14:07 +0100)]
Merge branch 'master' of git.strongswan.org:strongswan

9 years agosupport PEM-encoded certificates stored in SQL databases
Andreas Steffen [Fri, 26 Nov 2010 12:46:16 +0000 (13:46 +0100)]
support PEM-encoded certificates stored in SQL databases

9 years agocommas, commas, ..
Andreas Steffen [Thu, 25 Nov 2010 22:25:01 +0000 (23:25 +0100)]
commas, commas, ..

9 years agoMigrated resolve_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:19:33 +0000 (23:19 +0100)]
Migrated resolve_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfroute_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:17:18 +0000 (23:17 +0100)]
Migrated kernel_pfroute_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfkey_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:14:29 +0000 (23:14 +0100)]
Migrated kernel_pfkey_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_netlink_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:12:12 +0000 (23:12 +0100)]
Migrated kernel_netlink_plugin_t to INIT/METHOD macros

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:09:12 +0000 (23:09 +0100)]
INIT allocates memory

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:08:00 +0000 (23:08 +0100)]
INIT allocates memory

9 years agoMigrated kernel_klips_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:06:20 +0000 (23:06 +0100)]
Migrated kernel_klips_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:52:32 +0000 (22:52 +0100)]
Migrated attr_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:49:44 +0000 (22:49 +0100)]
Migrated attr_sql_plugin_t to INIT/METHOD macros

9 years agoMigrated backend_manager_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:43:19 +0000 (22:43 +0100)]
Migrated backend_manager_t to INIT/METHOD macros

9 years agofixed a couple of bugs in the prototype
Andreas Steffen [Tue, 23 Nov 2010 15:33:23 +0000 (16:33 +0100)]
fixed a couple of bugs in the prototype

9 years agoset PB_MSG_PA message type
Andreas Steffen [Tue, 23 Nov 2010 15:32:09 +0000 (16:32 +0100)]
set PB_MSG_PA message type

9 years agoprototype implementation using the pb_tnc_message_t class
Andreas Steffen [Tue, 23 Nov 2010 13:44:16 +0000 (14:44 +0100)]
prototype implementation using the pb_tnc_message_t class

9 years agodefined a pb_tnc_message_t interface
Andreas Steffen [Tue, 23 Nov 2010 13:27:57 +0000 (14:27 +0100)]
defined a pb_tnc_message_t interface

9 years agoenabled ha plugin in UML scenarios
Andreas Steffen [Sat, 20 Nov 2010 20:52:40 +0000 (21:52 +0100)]
enabled ha plugin in UML scenarios

9 years agofixed iptables script of gateway alice
Andreas Steffen [Sat, 20 Nov 2010 20:01:54 +0000 (21:01 +0100)]
fixed iptables script of gateway alice

9 years agoremoved copy of strongswancCert.pem
Andreas Steffen [Sat, 20 Nov 2010 19:34:21 +0000 (20:34 +0100)]
removed copy of strongswancCert.pem

9 years agoadded ha/both-active scenario
Andreas Steffen [Sat, 20 Nov 2010 19:16:26 +0000 (20:16 +0100)]
added ha/both-active scenario

9 years agocreated certificate and /etc/hosts entry for virtual gateway mars
Andreas Steffen [Sat, 20 Nov 2010 17:20:23 +0000 (18:20 +0100)]
created certificate and /etc/hosts entry for virtual gateway mars

9 years agoimplemented create_reason_enumerator() function
Andreas Steffen [Fri, 19 Nov 2010 16:23:06 +0000 (17:23 +0100)]
implemented create_reason_enumerator() function

9 years agoimplemented request_handshake_retry() function
Andreas Steffen [Fri, 19 Nov 2010 07:51:56 +0000 (08:51 +0100)]
implemented request_handshake_retry() function

9 years agoDo not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20
Martin Willi [Thu, 18 Nov 2010 07:56:12 +0000 (08:56 +0100)]
Do not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20

9 years agoUse static args for C_Initialize(), OpenSC does not get a copy of the pointers
Martin Willi [Thu, 18 Nov 2010 07:43:26 +0000 (08:43 +0100)]
Use static args for C_Initialize(), OpenSC does not get a copy of the pointers

9 years agoadded ITA and strongSwan OIDs
Andreas Steffen [Wed, 17 Nov 2010 21:46:28 +0000 (22:46 +0100)]
added ITA and strongSwan OIDs

9 years agocorrected TCGID OID
Andreas Steffen [Wed, 17 Nov 2010 21:13:55 +0000 (22:13 +0100)]
corrected TCGID OID

9 years agoAdded getter for arbitrary environment variables
Martin Willi [Wed, 17 Nov 2010 15:46:23 +0000 (16:46 +0100)]
Added getter for arbitrary environment variables

9 years agoadded IMC and IMV IDs as arguments to send_message()
Andreas Steffen [Tue, 16 Nov 2010 23:04:10 +0000 (00:04 +0100)]
added IMC and IMV IDs as arguments to send_message()

9 years agoget_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY
Andreas Steffen [Tue, 16 Nov 2010 21:43:48 +0000 (22:43 +0100)]
get_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY

9 years agoinitialize chunks and add debug output
Andreas Steffen [Tue, 16 Nov 2010 21:28:10 +0000 (22:28 +0100)]
initialize chunks and add debug output

9 years agoload IMCs and IMVs with RTLD_LAZY
Andreas Steffen [Tue, 16 Nov 2010 21:14:20 +0000 (22:14 +0100)]
load IMCs and IMVs with RTLD_LAZY

9 years agofixed memory leak
Andreas Steffen [Tue, 16 Nov 2010 20:37:38 +0000 (21:37 +0100)]
fixed memory leak

9 years agoimplement set_attribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 20:07:02 +0000 (21:07 +0100)]
implement set_attribute() callback function

9 years agoimplement GetAttribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 19:14:48 +0000 (20:14 +0100)]
implement GetAttribute() callback function

9 years agocall is_complete() if tls protocol returns with SUCCESS
Andreas Steffen [Tue, 16 Nov 2010 10:52:06 +0000 (11:52 +0100)]
call is_complete() if tls protocol returns with SUCCESS

9 years agoreformulated recommendation policies
Andreas Steffen [Tue, 16 Nov 2010 09:59:53 +0000 (10:59 +0100)]
reformulated recommendation policies

9 years agoDo not checkin a previously destroyed SA
Thomas Egerer [Mon, 15 Nov 2010 17:00:40 +0000 (18:00 +0100)]
Do not checkin a previously destroyed SA

9 years agoRemove obsolete pool_size argument in processor_create()
Martin Willi [Tue, 16 Nov 2010 08:38:39 +0000 (09:38 +0100)]
Remove obsolete pool_size argument in processor_create()

9 years agomutex.h is not needed any more
Andreas Steffen [Tue, 16 Nov 2010 08:15:17 +0000 (09:15 +0100)]
mutex.h is not needed any more

9 years agoimv_list consists of linked imv_t instances
Andreas Steffen [Tue, 16 Nov 2010 08:09:39 +0000 (09:09 +0100)]
imv_list consists of linked imv_t instances

9 years agoimplemented have_recommendation() based on a choice of 3 policies
Andreas Steffen [Mon, 15 Nov 2010 16:38:31 +0000 (17:38 +0100)]
implemented have_recommendation() based on a choice of 3 policies

9 years agolog configured recommendation policy
Andreas Steffen [Sun, 14 Nov 2010 10:29:27 +0000 (11:29 +0100)]
log configured recommendation policy

9 years agoconfigure recommendation policy via strongswan.conf
Andreas Steffen [Sun, 14 Nov 2010 10:23:47 +0000 (11:23 +0100)]
configure recommendation policy via strongswan.conf

9 years agore-establish null pointer if IMC/IMV manager plugin could not be installed
Andreas Steffen [Sun, 14 Nov 2010 08:50:01 +0000 (09:50 +0100)]
re-establish null pointer if IMC/IMV manager plugin could not be installed

9 years agomoved recommendation handling to the tnc_imv plugin
Andreas Steffen [Sat, 13 Nov 2010 09:01:46 +0000 (10:01 +0100)]
moved recommendation handling to the tnc_imv plugin

9 years agoExtend connected peers by peer family
Thomas Egerer [Fri, 12 Nov 2010 10:37:06 +0000 (11:37 +0100)]
Extend connected peers by peer family

This allows for simultanious IPv4 and IPv6 tunnel for same peers with
matching identities.

9 years agoAdded a PKCS#11 module option to enforce OS Locking functions
Martin Willi [Fri, 12 Nov 2010 13:45:09 +0000 (14:45 +0100)]
Added a PKCS#11 module option to enforce OS Locking functions

9 years agoPrint full source route on DBG2 that gets installed
Martin Willi [Thu, 11 Nov 2010 08:59:02 +0000 (09:59 +0100)]
Print full source route on DBG2 that gets installed

9 years agoremoved debug output in IMC bind functions
Andreas Steffen [Thu, 11 Nov 2010 06:51:56 +0000 (07:51 +0100)]
removed debug output in IMC bind functions

9 years agoadded get_preferred_language() to tnc_imc
Andreas Steffen [Thu, 11 Nov 2010 06:30:13 +0000 (07:30 +0100)]
added get_preferred_language() to tnc_imc

9 years agocreated dummy have_recommendation() function
Andreas Steffen [Wed, 10 Nov 2010 21:42:36 +0000 (22:42 +0100)]
created dummy have_recommendation() function

9 years agoimplemented mutex locking the batch in construction
Andreas Steffen [Wed, 10 Nov 2010 21:22:27 +0000 (22:22 +0100)]
implemented mutex locking the batch in construction

9 years agofixed received test message
Andreas Steffen [Wed, 10 Nov 2010 21:02:20 +0000 (22:02 +0100)]
fixed received test message

9 years agoimplemented mutex locking the recommendations list
Andreas Steffen [Wed, 10 Nov 2010 20:53:17 +0000 (21:53 +0100)]
implemented mutex locking the recommendations list