strongswan.git
8 years agoUse certificate CRLIssuer information to look up cacched CRLs or CDPs
Martin Willi [Thu, 2 Dec 2010 14:38:44 +0000 (15:38 +0100)]
Use certificate CRLIssuer information to look up cacched CRLs or CDPs

8 years agoAdded --crlissuer option to pki --issue
Martin Willi [Thu, 2 Dec 2010 14:37:28 +0000 (15:37 +0100)]
Added --crlissuer option to pki --issue

8 years agoAdded support for CRL Issuers to x509 and OpenSSL plugins
Martin Willi [Fri, 3 Dec 2010 09:28:46 +0000 (09:28 +0000)]
Added support for CRL Issuers to x509 and OpenSSL plugins

8 years agoGenerate payload to rebuild_auth, works with injected unknown payloads
Martin Willi [Wed, 1 Dec 2010 13:56:26 +0000 (14:56 +0100)]
Generate payload to rebuild_auth, works with injected unknown payloads

8 years agoMove rebuild_auth functionality to a standalone hook
Martin Willi [Wed, 1 Dec 2010 13:33:57 +0000 (14:33 +0100)]
Move rebuild_auth functionality to a standalone hook

This reverts commit 3c12b239fd55aa36c59eb60224d27af8b8d915d1.

8 years agoAdded key strength constraints support to conftest
Martin Willi [Thu, 25 Nov 2010 14:27:31 +0000 (15:27 +0100)]
Added key strength constraints support to conftest

8 years agoAdded key strength constraints for RSA or ECDSA trustchains
Martin Willi [Thu, 25 Nov 2010 14:26:51 +0000 (15:26 +0100)]
Added key strength constraints for RSA or ECDSA trustchains

8 years agoImplemented hook to log traffic selectors
Martin Willi [Thu, 25 Nov 2010 12:54:31 +0000 (13:54 +0100)]
Implemented hook to log traffic selectors

8 years agoThe set_reserved() hook rebuilds AUTH if it mangles ID payload fields
Martin Willi [Thu, 25 Nov 2010 11:32:41 +0000 (12:32 +0100)]
The set_reserved() hook rebuilds AUTH if it mangles ID payload fields

8 years agoInclude the used reserved bytes from ID payloads in AUTH calculation
Martin Willi [Thu, 25 Nov 2010 10:35:43 +0000 (11:35 +0100)]
Include the used reserved bytes from ID payloads in AUTH calculation

8 years agoMigrated psk/pubkey_authenticators to INIT/METHOD macros
Martin Willi [Thu, 25 Nov 2010 10:13:04 +0000 (11:13 +0100)]
Migrated psk/pubkey_authenticators to INIT/METHOD macros

8 years agoExtended set_reserved hook to mangle sa_payload substructures
Martin Willi [Thu, 25 Nov 2010 09:55:29 +0000 (10:55 +0100)]
Extended set_reserved hook to mangle sa_payload substructures

8 years agoAdded substructure enumerators to sa_payload, proposal_substructure
Martin Willi [Thu, 25 Nov 2010 09:55:08 +0000 (10:55 +0100)]
Added substructure enumerators to sa_payload, proposal_substructure

8 years agoMoved check if packet already encoded to ike_sa, avoids message() hook invocation...
Martin Willi [Wed, 24 Nov 2010 17:09:06 +0000 (18:09 +0100)]
Moved check if packet already encoded to ike_sa, avoids message() hook invocation twice

8 years agoThe set_ike_version hook supports version flag mangling
Martin Willi [Wed, 24 Nov 2010 16:45:39 +0000 (17:45 +0100)]
The set_ike_version hook supports version flag mangling

8 years agoAdded a message method to set the "higher version supported" flag
Martin Willi [Wed, 24 Nov 2010 16:45:12 +0000 (17:45 +0100)]
Added a message method to set the "higher version supported" flag

8 years agoImplemented hook to toggle initiator flag in IKE header
Martin Willi [Wed, 24 Nov 2010 16:22:16 +0000 (17:22 +0100)]
Implemented hook to toggle initiator flag in IKE header

8 years agoImplemented a hook to set reserved bits
Martin Willi [Wed, 24 Nov 2010 14:42:08 +0000 (14:42 +0000)]
Implemented a hook to set reserved bits

8 years agoAdded reserved bit mangling wrapper functions to message
Martin Willi [Wed, 24 Nov 2010 15:56:46 +0000 (16:56 +0100)]
Added reserved bit mangling wrapper functions to message

8 years agoUse payload_get_field() to look up payload fields
Martin Willi [Wed, 24 Nov 2010 16:07:45 +0000 (17:07 +0100)]
Use payload_get_field() to look up payload fields

8 years agoImplemented a generic payload field lookup function
Martin Willi [Wed, 24 Nov 2010 15:52:49 +0000 (16:52 +0100)]
Implemented a generic payload field lookup function

8 years agoReserved field get parsed/generated like any other bit/byte field
Martin Willi [Wed, 24 Nov 2010 15:44:48 +0000 (16:44 +0100)]
Reserved field get parsed/generated like any other bit/byte field

8 years agoAdded member fields for reserved bits and bytes in all payloads
Martin Willi [Wed, 24 Nov 2010 15:34:16 +0000 (16:34 +0100)]
Added member fields for reserved bits and bytes in all payloads

8 years agoMigrated vendor_id_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 13:42:22 +0000 (14:42 +0100)]
Migrated vendor_id_payload to INIT/METHOD macros

8 years agoMigrated ts_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 13:36:47 +0000 (14:36 +0100)]
Migrated ts_payload to INIT/METHOD macros

8 years agoUse enumerator instead of deprecated iterator
Martin Willi [Wed, 24 Nov 2010 13:21:01 +0000 (14:21 +0100)]
Use enumerator instead of deprecated iterator

8 years agoMigrated transform_substructure to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 13:17:44 +0000 (14:17 +0100)]
Migrated transform_substructure to INIT/METHOD macros

8 years agoRemoved obsolete clone mehtod from proposal_substructure
Martin Willi [Wed, 24 Nov 2010 12:58:33 +0000 (13:58 +0100)]
Removed obsolete clone mehtod from proposal_substructure

8 years agoMigrated transform_attribute to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 11:14:31 +0000 (12:14 +0100)]
Migrated transform_attribute to INIT/METHOD macros

8 years agoMigrated traffic_selector_substructre to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 11:00:53 +0000 (12:00 +0100)]
Migrated traffic_selector_substructre to INIT/METHOD macros

8 years agoMigrated notify_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:54:12 +0000 (11:54 +0100)]
Migrated notify_payload to INIT/METHOD macros

8 years agoMigrated nonce_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:42:29 +0000 (11:42 +0100)]
Migrated nonce_payload to INIT/METHOD macros

8 years agoMigrated ke_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:37:34 +0000 (11:37 +0100)]
Migrated ke_payload to INIT/METHOD macros

8 years agoMigrated id_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:29:18 +0000 (11:29 +0100)]
Migrated id_payload to INIT/METHOD macros

8 years agoUse standard ID getter in log_id hook
Martin Willi [Wed, 24 Nov 2010 10:28:58 +0000 (11:28 +0100)]
Use standard ID getter in log_id hook

8 years agoMigrated cp_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:16:37 +0000 (11:16 +0100)]
Migrated cp_payload to INIT/METHOD macros

8 years agoMigrated configuration_attribute to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:07:28 +0000 (11:07 +0100)]
Migrated configuration_attribute to INIT/METHOD macros

8 years agoMigrated certreq_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 10:01:27 +0000 (11:01 +0100)]
Migrated certreq_payload to INIT/METHOD macros

8 years agoMigrated cert_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 09:53:38 +0000 (10:53 +0100)]
Migrated cert_payload to INIT/METHOD macros

8 years agoMigrated auth_payload to INIT/METHOD macros
Martin Willi [Wed, 24 Nov 2010 09:38:58 +0000 (10:38 +0100)]
Migrated auth_payload to INIT/METHOD macros

8 years agoImplemented a hook to toggle the IKE message request flag
Martin Willi [Tue, 23 Nov 2010 12:55:32 +0000 (13:55 +0100)]
Implemented a hook to toggle the IKE message request flag

8 years agoImplemented hook to modify IKE header SPIs
Martin Willi [Tue, 23 Nov 2010 12:53:00 +0000 (13:53 +0100)]
Implemented hook to modify IKE header SPIs

8 years agoFixed transport mode configuration option
Martin Willi [Tue, 23 Nov 2010 12:34:08 +0000 (13:34 +0100)]
Fixed transport mode configuration option

8 years agoDisable MOBIKE in conftesting, as it changes port floating behavior
Martin Willi [Tue, 23 Nov 2010 10:43:23 +0000 (11:43 +0100)]
Disable MOBIKE in conftesting, as it changes port floating behavior

8 years agoLoad plugins only once, even if listed twice
Martin Willi [Tue, 23 Nov 2010 10:06:46 +0000 (11:06 +0100)]
Load plugins only once, even if listed twice

8 years agoPreload plugins configured in tests
Martin Willi [Tue, 23 Nov 2010 09:58:39 +0000 (10:58 +0100)]
Preload plugins configured in tests

8 years agoMoved generic infrastructure initialization to libcharon_init(), allows us to preload...
Martin Willi [Tue, 23 Nov 2010 09:50:36 +0000 (10:50 +0100)]
Moved generic infrastructure initialization to libcharon_init(), allows us to preload plugins

8 years agoAdded IKE options to configure source/destination ports
Martin Willi [Tue, 23 Nov 2010 09:45:45 +0000 (10:45 +0100)]
Added IKE options to configure source/destination ports

8 years agoAdded IKE config option to fake NAT situations
Martin Willi [Tue, 23 Nov 2010 09:43:48 +0000 (10:43 +0100)]
Added IKE config option to fake NAT situations

8 years agoShow SPI in proposal logging hook
Martin Willi [Tue, 23 Nov 2010 09:12:32 +0000 (10:12 +0100)]
Show SPI in proposal logging hook

8 years agoImplemented a hook to inject custom proposals
Martin Willi [Tue, 23 Nov 2010 09:01:42 +0000 (10:01 +0100)]
Implemented a hook to inject custom proposals

8 years agoFixed error reporting
Martin Willi [Tue, 23 Nov 2010 09:01:23 +0000 (10:01 +0100)]
Fixed error reporting

8 years agoRemove unused variable
Martin Willi [Tue, 23 Nov 2010 07:42:57 +0000 (08:42 +0100)]
Remove unused variable

8 years agoAdded hook to log ID payload type and data
Martin Willi [Mon, 15 Nov 2010 13:56:34 +0000 (14:56 +0100)]
Added hook to log ID payload type and data

8 years agoAdded hook to log received KE group
Martin Willi [Mon, 15 Nov 2010 13:47:06 +0000 (14:47 +0100)]
Added hook to log received KE group

8 years agoAdded a hook to modify proposal numbers
Martin Willi [Mon, 15 Nov 2010 13:37:02 +0000 (14:37 +0100)]
Added a hook to modify proposal numbers

8 years agoAdded a hook to print received proposals, including number
Martin Willi [Mon, 15 Nov 2010 13:07:17 +0000 (14:07 +0100)]
Added a hook to print received proposals, including number

8 years agoAdded a hook to alter the payload length field of arbitrary payloads
Martin Willi [Mon, 15 Nov 2010 10:54:35 +0000 (11:54 +0100)]
Added a hook to alter the payload length field of arbitrary payloads

8 years agoDo not update payload length during generation, allows hooks override payload length
Martin Willi [Mon, 15 Nov 2010 10:53:20 +0000 (11:53 +0100)]
Do not update payload length during generation, allows hooks override payload length

8 years agoDo not recalculate payload header length after generation, payloads do length calculation
Martin Willi [Mon, 15 Nov 2010 10:52:30 +0000 (11:52 +0100)]
Do not recalculate payload header length after generation, payloads do length calculation

8 years agoSupport loading of certificate revocation lists
Martin Willi [Fri, 12 Nov 2010 15:10:00 +0000 (16:10 +0100)]
Support loading of certificate revocation lists

8 years agoImplemented a hook that recreates a valid incoming IKE_AUTH response, even if AUTH_FAILED
Martin Willi [Fri, 12 Nov 2010 14:40:29 +0000 (15:40 +0100)]
Implemented a hook that recreates a valid incoming IKE_AUTH response, even if AUTH_FAILED

8 years agoApply IKE major/minor version set on message to IKE header
Martin Willi [Thu, 11 Nov 2010 15:37:26 +0000 (16:37 +0100)]
Apply IKE major/minor version set on message to IKE header

8 years agoAdded setters for IKE major/minor version to ike_header
Martin Willi [Thu, 11 Nov 2010 15:35:35 +0000 (16:35 +0100)]
Added setters for IKE major/minor version to ike_header

8 years agoMigrated ike_header_t to INIT/METHOD macros
Martin Willi [Thu, 11 Nov 2010 15:32:57 +0000 (16:32 +0100)]
Migrated ike_header_t to INIT/METHOD macros

8 years agoAdded hook to set arbitrary IKE major/minor versions in message headers
Martin Willi [Thu, 11 Nov 2010 15:12:58 +0000 (16:12 +0100)]
Added hook to set arbitrary IKE major/minor versions in message headers

8 years agoPrefer test specific over suite specific configuration
Martin Willi [Thu, 11 Nov 2010 14:52:32 +0000 (15:52 +0100)]
Prefer test specific over suite specific configuration

8 years agoAdded a force_hookie hook that requests a COOKIE independent of our COOKIE mechanism
Martin Willi [Thu, 11 Nov 2010 14:38:52 +0000 (15:38 +0100)]
Added a force_hookie hook that requests a COOKIE independent of our COOKIE mechanism

8 years agoThe add_payload hook supports replacing existing payloads of the same type
Martin Willi [Wed, 10 Nov 2010 16:41:51 +0000 (17:41 +0100)]
The add_payload hook supports replacing existing payloads of the same type

8 years agoFix insertion of non hex encoded payload data
Martin Willi [Wed, 10 Nov 2010 16:41:23 +0000 (17:41 +0100)]
Fix insertion of non hex encoded payload data

8 years agoFixed length calculation of unknown payload
Martin Willi [Wed, 10 Nov 2010 16:40:43 +0000 (17:40 +0100)]
Fixed length calculation of unknown payload

8 years agoAdded a hook to set the critical bit on arbitrary payloads
Martin Willi [Wed, 10 Nov 2010 16:23:57 +0000 (17:23 +0100)]
Added a hook to set the critical bit on arbitrary payloads

8 years agoMove critical bit checking to ike_sa, notify payload includes unsupported payload...
Martin Willi [Wed, 10 Nov 2010 15:47:56 +0000 (16:47 +0100)]
Move critical bit checking to ike_sa, notify payload includes unsupported payload type

8 years agoHandle all error notifies in CREATE_CHILD_SA exchanges
Martin Willi [Wed, 10 Nov 2010 15:30:25 +0000 (16:30 +0100)]
Handle all error notifies in CREATE_CHILD_SA exchanges

8 years agoSupport encoding of UKNOWN_DATA
Martin Willi [Wed, 10 Nov 2010 15:29:59 +0000 (16:29 +0100)]
Support encoding of UKNOWN_DATA

8 years agoMoved our substructure identifiers above 255, ignore private payloads properly
Martin Willi [Wed, 10 Nov 2010 14:41:46 +0000 (15:41 +0100)]
Moved our substructure identifiers above 255, ignore private payloads properly

8 years agoCheck for exceeded payload count even if we have a found one flagged as sufficient
Martin Willi [Wed, 10 Nov 2010 14:34:38 +0000 (15:34 +0100)]
Check for exceeded payload count even if we have a found one flagged as sufficient

8 years agoAdded a hook to inject custom payloads with critical bit
Martin Willi [Wed, 10 Nov 2010 13:26:03 +0000 (14:26 +0100)]
Added a hook to inject custom payloads with critical bit

8 years agoAdded a constructor for custom uknown payloads
Martin Willi [Wed, 10 Nov 2010 13:21:23 +0000 (14:21 +0100)]
Added a constructor for custom uknown payloads

8 years agoUse the payloads actual type in unknown_payload_t
Martin Willi [Wed, 10 Nov 2010 13:17:03 +0000 (14:17 +0100)]
Use the payloads actual type in unknown_payload_t

8 years agoMigrated unknown payload to INIT/METHOD macros
Martin Willi [Wed, 10 Nov 2010 12:56:18 +0000 (13:56 +0100)]
Migrated unknown payload to INIT/METHOD macros

8 years agoAdded a short README about the conftest utility
Martin Willi [Tue, 9 Nov 2010 14:37:41 +0000 (15:37 +0100)]
Added a short README about the conftest utility

8 years agoSpecify the type of the certificate to load, currently X509 only
Martin Willi [Tue, 9 Nov 2010 13:19:59 +0000 (14:19 +0100)]
Specify the type of the certificate to load, currently X509 only

8 years agoBe a little more verbose about cert payload injection
Martin Willi [Tue, 9 Nov 2010 11:05:30 +0000 (12:05 +0100)]
Be a little more verbose about cert payload injection

8 years agoSupport hook suffixes to use the same hook multiple times
Martin Willi [Tue, 9 Nov 2010 10:17:20 +0000 (11:17 +0100)]
Support hook suffixes to use the same hook multiple times

8 years agoSupport arbitrary suffixes for actions, same action multiple times
Martin Willi [Tue, 9 Nov 2010 10:07:37 +0000 (11:07 +0100)]
Support arbitrary suffixes for actions, same action multiple times

8 years agoAdded a hook to ignore specific messages
Martin Willi [Tue, 9 Nov 2010 09:19:56 +0000 (10:19 +0100)]
Added a hook to ignore specific messages

8 years agoIngore messages with exchange type altered to UNDEFINED in message() hook
Martin Willi [Tue, 9 Nov 2010 09:19:09 +0000 (10:19 +0100)]
Ingore messages with exchange type altered to UNDEFINED in message() hook

8 years agoAdded a hook to send unencrypted notifies in established IKE_SAs
Martin Willi [Tue, 9 Nov 2010 08:59:56 +0000 (09:59 +0100)]
Added a hook to send unencrypted notifies in established IKE_SAs

8 years agoFail silently without INVALID_SYNTAX if message not verified
Martin Willi [Tue, 9 Nov 2010 08:55:20 +0000 (09:55 +0100)]
Fail silently without INVALID_SYNTAX if message not verified

8 years agoInclude suiteb test suite config in distribution
Martin Willi [Mon, 8 Nov 2010 15:45:48 +0000 (16:45 +0100)]
Include suiteb test suite config in distribution

8 years agoFixed loading of credentials using a relative path
Martin Willi [Tue, 2 Nov 2010 15:12:29 +0000 (16:12 +0100)]
Fixed loading of credentials using a relative path

8 years agoImplemented a add_notify hook to inject arbitrary Notify payloads
Martin Willi [Tue, 2 Nov 2010 14:51:56 +0000 (15:51 +0100)]
Implemented a add_notify hook to inject arbitrary Notify payloads

8 years agoMoved message()-hook invocation to generate_message(), catch pre-generated IKE_SA_INI...
Martin Willi [Tue, 2 Nov 2010 14:49:09 +0000 (15:49 +0100)]
Moved message()-hook invocation to generate_message(), catch pre-generated IKE_SA_INITs, too

8 years agoImplemented a hook to unsort payloads in messages
Martin Willi [Tue, 2 Nov 2010 13:55:18 +0000 (14:55 +0100)]
Implemented a hook to unsort payloads in messages

8 years agoSupport removal of payloads from messages
Martin Willi [Tue, 2 Nov 2010 13:30:45 +0000 (14:30 +0100)]
Support removal of payloads from messages

8 years agoAdded a message_t option to disable automatic payload sorting
Martin Willi [Tue, 2 Nov 2010 13:21:38 +0000 (14:21 +0100)]
Added a message_t option to disable automatic payload sorting

8 years agoAdded a fist hook to fill up IKE_AUTH messages with dummy certificates (1.1.1/1.2.1)
Martin Willi [Tue, 2 Nov 2010 11:14:03 +0000 (12:14 +0100)]
Added a fist hook to fill up IKE_AUTH messages with dummy certificates (1.1.1/1.2.1)

8 years agoImplemented cert payload constructor for custom encoding types
Martin Willi [Tue, 2 Nov 2010 11:13:03 +0000 (12:13 +0100)]
Implemented cert payload constructor for custom encoding types

8 years agoFix segfault if config not found
Martin Willi [Tue, 2 Nov 2010 11:12:42 +0000 (12:12 +0100)]
Fix segfault if config not found