strongswan.git
9 years agoMigrated integrity_checker_t to INIT/METHOD macros
Andreas Steffen [Thu, 2 Dec 2010 05:10:50 +0000 (06:10 +0100)]
Migrated integrity_checker_t to INIT/METHOD macros

9 years agoadded SQL database extensions to NEWS
Andreas Steffen [Wed, 1 Dec 2010 09:09:21 +0000 (10:09 +0100)]
added SQL database extensions to NEWS

9 years agoversion bump to 4.5.1dr2
Andreas Steffen [Wed, 1 Dec 2010 09:08:49 +0000 (10:08 +0100)]
version bump to 4.5.1dr2

9 years agouse a composite test proposal
Andreas Steffen [Wed, 1 Dec 2010 09:05:28 +0000 (10:05 +0100)]
use a composite test proposal

9 years agocheck for malformed IKE and ESP proposals
Andreas Steffen [Wed, 1 Dec 2010 08:50:30 +0000 (09:50 +0100)]
check for malformed IKE and ESP proposals

9 years agoMigrated sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:31:24 +0000 (23:31 +0100)]
Migrated sql_plugin_t to INIT/METHOD macros

9 years agoMigrated sql_config_t to INIT/METHOD macros
Andreas Steffen [Tue, 30 Nov 2010 22:27:51 +0000 (23:27 +0100)]
Migrated sql_config_t to INIT/METHOD macros

9 years agorenamed algorithm to proposal
Andreas Steffen [Tue, 30 Nov 2010 16:38:49 +0000 (17:38 +0100)]
renamed algorithm to proposal

9 years agostore IKE and ESP proposals in SQL database
Andreas Steffen [Tue, 30 Nov 2010 16:03:21 +0000 (17:03 +0100)]
store IKE and ESP proposals in SQL database

9 years agoconfigured various DPD modes in sql scenarios
Andreas Steffen [Sun, 28 Nov 2010 16:41:27 +0000 (17:41 +0100)]
configured various DPD modes in sql scenarios

9 years agoadded sql/net2net-route-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:44 +0000 (12:00 +0100)]
added sql/net2net-route-pem scenario

9 years agoadded sql/net2net-start-pem scenario
Andreas Steffen [Sun, 28 Nov 2010 11:00:19 +0000 (12:00 +0100)]
added sql/net2net-start-pem scenario

9 years agostart and route connections defined in an SQL database via start_action field and...
Andreas Steffen [Sun, 28 Nov 2010 10:57:49 +0000 (11:57 +0100)]
start and route connections defined in an SQL database via start_action field and ipsec up %startall command

9 years agoversion bump to 4.5.1dr1
Andreas Steffen [Sun, 28 Nov 2010 10:55:40 +0000 (11:55 +0100)]
version bump to 4.5.1dr1

9 years agoMigrated stroke_config_t to INIT/METHOD macros
Andreas Steffen [Sat, 27 Nov 2010 00:12:58 +0000 (01:12 +0100)]
Migrated stroke_config_t to INIT/METHOD macros

9 years agoMigrated stroke_cat_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 23:49:15 +0000 (00:49 +0100)]
Migrated stroke_cat_t to INIT/METHOD macros

9 years agoMigrated child_cfg_t to INIT/METHOD macros
Andreas Steffen [Fri, 26 Nov 2010 15:32:15 +0000 (16:32 +0100)]
Migrated child_cfg_t to INIT/METHOD macros

9 years agoMerge branch 'master' of git.strongswan.org:strongswan
Andreas Steffen [Fri, 26 Nov 2010 13:07:18 +0000 (14:07 +0100)]
Merge branch 'master' of git.strongswan.org:strongswan

9 years agosupport PEM-encoded certificates stored in SQL databases
Andreas Steffen [Fri, 26 Nov 2010 12:46:16 +0000 (13:46 +0100)]
support PEM-encoded certificates stored in SQL databases

9 years agocommas, commas, ..
Andreas Steffen [Thu, 25 Nov 2010 22:25:01 +0000 (23:25 +0100)]
commas, commas, ..

9 years agoMigrated resolve_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:19:33 +0000 (23:19 +0100)]
Migrated resolve_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfroute_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:17:18 +0000 (23:17 +0100)]
Migrated kernel_pfroute_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_pfkey_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:14:29 +0000 (23:14 +0100)]
Migrated kernel_pfkey_plugin_t to INIT/METHOD macros

9 years agoMigrated kernel_netlink_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:12:12 +0000 (23:12 +0100)]
Migrated kernel_netlink_plugin_t to INIT/METHOD macros

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:09:12 +0000 (23:09 +0100)]
INIT allocates memory

9 years agoINIT allocates memory
Andreas Steffen [Thu, 25 Nov 2010 22:08:00 +0000 (23:08 +0100)]
INIT allocates memory

9 years agoMigrated kernel_klips_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 22:06:20 +0000 (23:06 +0100)]
Migrated kernel_klips_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:52:32 +0000 (22:52 +0100)]
Migrated attr_plugin_t to INIT/METHOD macros

9 years agoMigrated attr_sql_plugin_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:49:44 +0000 (22:49 +0100)]
Migrated attr_sql_plugin_t to INIT/METHOD macros

9 years agoMigrated backend_manager_t to INIT/METHOD macros
Andreas Steffen [Thu, 25 Nov 2010 21:43:19 +0000 (22:43 +0100)]
Migrated backend_manager_t to INIT/METHOD macros

9 years agofixed a couple of bugs in the prototype
Andreas Steffen [Tue, 23 Nov 2010 15:33:23 +0000 (16:33 +0100)]
fixed a couple of bugs in the prototype

9 years agoset PB_MSG_PA message type
Andreas Steffen [Tue, 23 Nov 2010 15:32:09 +0000 (16:32 +0100)]
set PB_MSG_PA message type

9 years agoprototype implementation using the pb_tnc_message_t class
Andreas Steffen [Tue, 23 Nov 2010 13:44:16 +0000 (14:44 +0100)]
prototype implementation using the pb_tnc_message_t class

9 years agodefined a pb_tnc_message_t interface
Andreas Steffen [Tue, 23 Nov 2010 13:27:57 +0000 (14:27 +0100)]
defined a pb_tnc_message_t interface

9 years agoenabled ha plugin in UML scenarios
Andreas Steffen [Sat, 20 Nov 2010 20:52:40 +0000 (21:52 +0100)]
enabled ha plugin in UML scenarios

9 years agofixed iptables script of gateway alice
Andreas Steffen [Sat, 20 Nov 2010 20:01:54 +0000 (21:01 +0100)]
fixed iptables script of gateway alice

9 years agoremoved copy of strongswancCert.pem
Andreas Steffen [Sat, 20 Nov 2010 19:34:21 +0000 (20:34 +0100)]
removed copy of strongswancCert.pem

9 years agoadded ha/both-active scenario
Andreas Steffen [Sat, 20 Nov 2010 19:16:26 +0000 (20:16 +0100)]
added ha/both-active scenario

9 years agocreated certificate and /etc/hosts entry for virtual gateway mars
Andreas Steffen [Sat, 20 Nov 2010 17:20:23 +0000 (18:20 +0100)]
created certificate and /etc/hosts entry for virtual gateway mars

9 years agoimplemented create_reason_enumerator() function
Andreas Steffen [Fri, 19 Nov 2010 16:23:06 +0000 (17:23 +0100)]
implemented create_reason_enumerator() function

9 years agoimplemented request_handshake_retry() function
Andreas Steffen [Fri, 19 Nov 2010 07:51:56 +0000 (08:51 +0100)]
implemented request_handshake_retry() function

9 years agoDo not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20
Martin Willi [Thu, 18 Nov 2010 07:56:12 +0000 (08:56 +0100)]
Do not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20

9 years agoUse static args for C_Initialize(), OpenSC does not get a copy of the pointers
Martin Willi [Thu, 18 Nov 2010 07:43:26 +0000 (08:43 +0100)]
Use static args for C_Initialize(), OpenSC does not get a copy of the pointers

9 years agoadded ITA and strongSwan OIDs
Andreas Steffen [Wed, 17 Nov 2010 21:46:28 +0000 (22:46 +0100)]
added ITA and strongSwan OIDs

9 years agocorrected TCGID OID
Andreas Steffen [Wed, 17 Nov 2010 21:13:55 +0000 (22:13 +0100)]
corrected TCGID OID

9 years agoAdded getter for arbitrary environment variables
Martin Willi [Wed, 17 Nov 2010 15:46:23 +0000 (16:46 +0100)]
Added getter for arbitrary environment variables

9 years agoadded IMC and IMV IDs as arguments to send_message()
Andreas Steffen [Tue, 16 Nov 2010 23:04:10 +0000 (00:04 +0100)]
added IMC and IMV IDs as arguments to send_message()

9 years agoget_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY
Andreas Steffen [Tue, 16 Nov 2010 21:43:48 +0000 (22:43 +0100)]
get_attribute() and set_attribute() are not allowed to use TNC_CONNECTIONID_ANY

9 years agoinitialize chunks and add debug output
Andreas Steffen [Tue, 16 Nov 2010 21:28:10 +0000 (22:28 +0100)]
initialize chunks and add debug output

9 years agoload IMCs and IMVs with RTLD_LAZY
Andreas Steffen [Tue, 16 Nov 2010 21:14:20 +0000 (22:14 +0100)]
load IMCs and IMVs with RTLD_LAZY

9 years agofixed memory leak
Andreas Steffen [Tue, 16 Nov 2010 20:37:38 +0000 (21:37 +0100)]
fixed memory leak

9 years agoimplement set_attribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 20:07:02 +0000 (21:07 +0100)]
implement set_attribute() callback function

9 years agoimplement GetAttribute() callback function
Andreas Steffen [Tue, 16 Nov 2010 19:14:48 +0000 (20:14 +0100)]
implement GetAttribute() callback function

9 years agocall is_complete() if tls protocol returns with SUCCESS
Andreas Steffen [Tue, 16 Nov 2010 10:52:06 +0000 (11:52 +0100)]
call is_complete() if tls protocol returns with SUCCESS

9 years agoreformulated recommendation policies
Andreas Steffen [Tue, 16 Nov 2010 09:59:53 +0000 (10:59 +0100)]
reformulated recommendation policies

9 years agoDo not checkin a previously destroyed SA
Thomas Egerer [Mon, 15 Nov 2010 17:00:40 +0000 (18:00 +0100)]
Do not checkin a previously destroyed SA

9 years agoRemove obsolete pool_size argument in processor_create()
Martin Willi [Tue, 16 Nov 2010 08:38:39 +0000 (09:38 +0100)]
Remove obsolete pool_size argument in processor_create()

9 years agomutex.h is not needed any more
Andreas Steffen [Tue, 16 Nov 2010 08:15:17 +0000 (09:15 +0100)]
mutex.h is not needed any more

9 years agoimv_list consists of linked imv_t instances
Andreas Steffen [Tue, 16 Nov 2010 08:09:39 +0000 (09:09 +0100)]
imv_list consists of linked imv_t instances

9 years agoimplemented have_recommendation() based on a choice of 3 policies
Andreas Steffen [Mon, 15 Nov 2010 16:38:31 +0000 (17:38 +0100)]
implemented have_recommendation() based on a choice of 3 policies

9 years agolog configured recommendation policy
Andreas Steffen [Sun, 14 Nov 2010 10:29:27 +0000 (11:29 +0100)]
log configured recommendation policy

9 years agoconfigure recommendation policy via strongswan.conf
Andreas Steffen [Sun, 14 Nov 2010 10:23:47 +0000 (11:23 +0100)]
configure recommendation policy via strongswan.conf

9 years agore-establish null pointer if IMC/IMV manager plugin could not be installed
Andreas Steffen [Sun, 14 Nov 2010 08:50:01 +0000 (09:50 +0100)]
re-establish null pointer if IMC/IMV manager plugin could not be installed

9 years agomoved recommendation handling to the tnc_imv plugin
Andreas Steffen [Sat, 13 Nov 2010 09:01:46 +0000 (10:01 +0100)]
moved recommendation handling to the tnc_imv plugin

9 years agoExtend connected peers by peer family
Thomas Egerer [Fri, 12 Nov 2010 10:37:06 +0000 (11:37 +0100)]
Extend connected peers by peer family

This allows for simultanious IPv4 and IPv6 tunnel for same peers with
matching identities.

9 years agoAdded a PKCS#11 module option to enforce OS Locking functions
Martin Willi [Fri, 12 Nov 2010 13:45:09 +0000 (14:45 +0100)]
Added a PKCS#11 module option to enforce OS Locking functions

9 years agoPrint full source route on DBG2 that gets installed
Martin Willi [Thu, 11 Nov 2010 08:59:02 +0000 (09:59 +0100)]
Print full source route on DBG2 that gets installed

9 years agoremoved debug output in IMC bind functions
Andreas Steffen [Thu, 11 Nov 2010 06:51:56 +0000 (07:51 +0100)]
removed debug output in IMC bind functions

9 years agoadded get_preferred_language() to tnc_imc
Andreas Steffen [Thu, 11 Nov 2010 06:30:13 +0000 (07:30 +0100)]
added get_preferred_language() to tnc_imc

9 years agocreated dummy have_recommendation() function
Andreas Steffen [Wed, 10 Nov 2010 21:42:36 +0000 (22:42 +0100)]
created dummy have_recommendation() function

9 years agoimplemented mutex locking the batch in construction
Andreas Steffen [Wed, 10 Nov 2010 21:22:27 +0000 (22:22 +0100)]
implemented mutex locking the batch in construction

9 years agofixed received test message
Andreas Steffen [Wed, 10 Nov 2010 21:02:20 +0000 (22:02 +0100)]
fixed received test message

9 years agoimplemented mutex locking the recommendations list
Andreas Steffen [Wed, 10 Nov 2010 20:53:17 +0000 (21:53 +0100)]
implemented mutex locking the recommendations list

9 years agodisplay ID of registered IMCs/IMVs
Andreas Steffen [Wed, 10 Nov 2010 20:30:50 +0000 (21:30 +0100)]
display ID of registered IMCs/IMVs

9 years agoimplemented recommendation storage
Andreas Steffen [Wed, 10 Nov 2010 20:23:10 +0000 (21:23 +0100)]
implemented recommendation storage

9 years agocreated enum names for action recommendations and evaluation results
Andreas Steffen [Wed, 10 Nov 2010 20:22:27 +0000 (21:22 +0100)]
created enum names for action recommendations and evaluation results

9 years agoremoved debug output of tnc_imv_bind_functions
Andreas Steffen [Wed, 10 Nov 2010 20:20:53 +0000 (21:20 +0100)]
removed debug output of tnc_imv_bind_functions

9 years agoDo not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs...
Martin Willi [Wed, 10 Nov 2010 17:34:59 +0000 (18:34 +0100)]
Do not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs as trusted

9 years agoAdd flags for PKCS#11 libraries with reduced feature set
Martin Willi [Wed, 10 Nov 2010 17:16:17 +0000 (18:16 +0100)]
Add flags for PKCS#11 libraries with reduced feature set

9 years agoenforce_recommendation inserts TNC group membership rules for IKE_SA
Andreas Steffen [Wed, 10 Nov 2010 16:59:41 +0000 (17:59 +0100)]
enforce_recommendation inserts TNC group membership rules for IKE_SA

9 years agodefined PB-TNC types
Andreas Steffen [Wed, 10 Nov 2010 14:44:51 +0000 (15:44 +0100)]
defined PB-TNC types

9 years agoappend any previously collection messages to batch
Andreas Steffen [Wed, 10 Nov 2010 14:44:09 +0000 (15:44 +0100)]
append any previously collection messages to batch

9 years agoread IMC/IMV configurations from /etc/tnc_config
Andreas Steffen [Wed, 10 Nov 2010 09:57:01 +0000 (10:57 +0100)]
read IMC/IMV configurations from /etc/tnc_config

9 years agounload the IMCs and IMVs using dlclose()
Andreas Steffen [Tue, 9 Nov 2010 11:45:21 +0000 (12:45 +0100)]
unload the IMCs and IMVs using dlclose()

9 years agoimplemented separate protocol and connection rwlocks
Andreas Steffen [Tue, 9 Nov 2010 11:30:26 +0000 (12:30 +0100)]
implemented separate protocol and connection rwlocks

9 years agoassign provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 22:56:20 +0000 (23:56 +0100)]
assign provide_recommendation callback function

9 years agoimplemented batch_ending() and solicit_recommendation() functions
Andreas Steffen [Mon, 8 Nov 2010 22:13:40 +0000 (23:13 +0100)]
implemented batch_ending() and solicit_recommendation() functions

9 years agoadded get_count() method to IMC/IMV managers
Andreas Steffen [Mon, 8 Nov 2010 21:33:01 +0000 (22:33 +0100)]
added get_count() method to IMC/IMV managers

9 years agoabort if one of the IMCs or IMVs fail to initialize
Andreas Steffen [Mon, 8 Nov 2010 21:21:53 +0000 (22:21 +0100)]
abort if one of the IMCs or IMVs fail to initialize

9 years agoremoved whitespace
Andreas Steffen [Mon, 8 Nov 2010 18:39:16 +0000 (19:39 +0100)]
removed whitespace

9 years agoimplemented provide_recommendation callback function
Andreas Steffen [Mon, 8 Nov 2010 18:25:25 +0000 (19:25 +0100)]
implemented provide_recommendation callback function

9 years agoadded imc/imv_manager remove method
Andreas Steffen [Mon, 8 Nov 2010 14:53:50 +0000 (15:53 +0100)]
added imc/imv_manager remove method

9 years agoremoved dependencies from libtnc
Andreas Steffen [Mon, 8 Nov 2010 10:41:14 +0000 (11:41 +0100)]
removed dependencies from libtnc

9 years agoinsert IMV/IMC before providing BindFunction
Andreas Steffen [Sun, 7 Nov 2010 23:29:44 +0000 (00:29 +0100)]
insert IMV/IMC before providing BindFunction

9 years agotnc_imc/tnc_imv cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:16:52 +0000 (12:16 +0100)]
tnc_imc/tnc_imv cosmetics

9 years agotnccs header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 11:03:26 +0000 (12:03 +0100)]
tnccs header cosmetics

9 years agoimv/imc header cosmetics
Andreas Steffen [Sun, 7 Nov 2010 10:56:56 +0000 (11:56 +0100)]
imv/imc header cosmetics

9 years agoimplemented receive_message() function
Andreas Steffen [Sun, 7 Nov 2010 00:17:21 +0000 (01:17 +0100)]
implemented receive_message() function

9 years agosupport of reportMessageTypes() function
Andreas Steffen [Sat, 6 Nov 2010 22:01:59 +0000 (23:01 +0100)]
support of reportMessageTypes() function

9 years agomoved TNCCS callback functions into bind_function.c
Andreas Steffen [Sat, 6 Nov 2010 19:38:59 +0000 (20:38 +0100)]
moved TNCCS callback functions into bind_function.c