strongswan.git
11 years agosome bug fixes
Andreas Steffen [Fri, 23 May 2008 16:06:58 +0000 (16:06 -0000)]
some bug fixes

11 years agofixed some compiler warnings
Martin Willi [Fri, 23 May 2008 15:49:43 +0000 (15:49 -0000)]
fixed some compiler warnings

11 years agoadded --utc option to ipsec pool
Andreas Steffen [Fri, 23 May 2008 15:46:25 +0000 (15:46 -0000)]
added --utc option to ipsec pool

11 years agofiltering out non matching path probing pairs explicitly
Martin Willi [Fri, 23 May 2008 15:43:42 +0000 (15:43 -0000)]
filtering out non matching path probing pairs explicitly

11 years agoadded display of holderIssuer, holderSerial, and authorityKeyIdentifier
Andreas Steffen [Fri, 23 May 2008 14:24:24 +0000 (14:24 -0000)]
added display of holderIssuer, holderSerial, and authorityKeyIdentifier

11 years agofixed the strongswan.conf path
Andreas Steffen [Thu, 22 May 2008 21:59:54 +0000 (21:59 -0000)]
fixed the strongswan.conf path

11 years agofixed the strongswan.conf path
Andreas Steffen [Thu, 22 May 2008 21:59:30 +0000 (21:59 -0000)]
fixed the strongswan.conf path

11 years agoimplement basic listing of attribute certificates
Andreas Steffen [Thu, 22 May 2008 21:58:22 +0000 (21:58 -0000)]
implement basic listing of attribute certificates

11 years agolog received DH groups and PRFs if no common proposal is found
Andreas Steffen [Thu, 22 May 2008 14:18:44 +0000 (14:18 -0000)]
log received DH groups and PRFs if no common proposal is found

11 years agoId and typo
Tobias Brunner [Thu, 22 May 2008 12:13:10 +0000 (12:13 -0000)]
Id and typo

11 years agoadded the ECP groups from RFC 5114
Tobias Brunner [Thu, 22 May 2008 11:55:05 +0000 (11:55 -0000)]
added the ECP groups from RFC 5114

11 years agoadded ECDH with OpenSSL (see RFC 4753)
Tobias Brunner [Thu, 22 May 2008 11:39:17 +0000 (11:39 -0000)]
added ECDH with OpenSSL (see RFC 4753)

11 years agocorrectly initialize the mediation and connection manager
Tobias Brunner [Thu, 22 May 2008 11:33:35 +0000 (11:33 -0000)]
correctly initialize the mediation and connection manager

11 years agofixed segmentation fault caused by malformed attribute certificates
Andreas Steffen [Wed, 21 May 2008 22:53:45 +0000 (22:53 -0000)]
fixed segmentation fault caused by malformed attribute certificates

11 years agofixed parsing of UNKNOWN_PAYLOADs
Martin Willi [Wed, 21 May 2008 21:53:38 +0000 (21:53 -0000)]
fixed parsing of UNKNOWN_PAYLOADs

11 years agofixed typo
Andreas Steffen [Wed, 21 May 2008 21:52:59 +0000 (21:52 -0000)]
fixed typo

11 years agoversion bump to 4.2.3
Andreas Steffen [Wed, 21 May 2008 18:40:11 +0000 (18:40 -0000)]
version bump to 4.2.3

11 years agoreplying to COOKIE2 mobike notify properly 4.2.2
Martin Willi [Wed, 21 May 2008 17:56:21 +0000 (17:56 -0000)]
replying to COOKIE2 mobike notify properly
including COOKIE2 ourself after path probing

11 years agowriting guest pid to file (simplifies debugging)
Martin Willi [Wed, 21 May 2008 16:02:16 +0000 (16:02 -0000)]
writing guest pid to file (simplifies debugging)

11 years agousing fixed size keys in key derivation for AES-XCBC PRF
Martin Willi [Wed, 21 May 2008 14:58:03 +0000 (14:58 -0000)]
using fixed size keys in key derivation for AES-XCBC PRF

11 years agoadded more verbosity if signature hash OID is unknown
Martin Willi [Wed, 21 May 2008 13:01:58 +0000 (13:01 -0000)]
added more verbosity if signature hash OID is unknown

11 years agolist proposed ESP ENCRYPTION and INTEGRITY algorithms if no proposal is chosen
Andreas Steffen [Tue, 20 May 2008 21:54:33 +0000 (21:54 -0000)]
list proposed ESP ENCRYPTION and INTEGRITY algorithms if no proposal is chosen

11 years agoadded support of AES-CCM and AES-GCM
Andreas Steffen [Tue, 20 May 2008 19:38:28 +0000 (19:38 -0000)]
added support of AES-CCM and AES-GCM

11 years agocorrected evaltest.dat of ip-pool-db scenarios
Andreas Steffen [Tue, 20 May 2008 18:33:23 +0000 (18:33 -0000)]
corrected evaltest.dat of ip-pool-db scenarios

11 years agoadded the sql/ip-pool-db-restart and sql/ip-pool-db-expired scenarios
Andreas Steffen [Tue, 20 May 2008 18:30:39 +0000 (18:30 -0000)]
added the sql/ip-pool-db-restart and sql/ip-pool-db-expired scenarios

11 years agoremoved debug statement
Andreas Steffen [Tue, 20 May 2008 16:23:58 +0000 (16:23 -0000)]
removed debug statement

11 years agofixed whitespace eating in plugin loader
Andreas Steffen [Tue, 20 May 2008 15:03:15 +0000 (15:03 -0000)]
fixed whitespace eating in plugin loader

11 years agoadded missing break in case statement
Andreas Steffen [Mon, 19 May 2008 20:10:26 +0000 (20:10 -0000)]
added missing break in case statement

11 years agofixed loading of smp plugin
Martin Willi [Mon, 19 May 2008 14:20:07 +0000 (14:20 -0000)]
fixed loading of smp plugin

11 years agoadded an error message when strongswan.conf cannot be read
Tobias Brunner [Mon, 19 May 2008 13:20:33 +0000 (13:20 -0000)]
added an error message when strongswan.conf cannot be read

11 years agoadded a fixup for addresses from shared libraries in segmentation fault handler
Tobias Brunner [Mon, 19 May 2008 12:49:35 +0000 (12:49 -0000)]
added a fixup for addresses from shared libraries in segmentation fault handler

11 years agofixed the cleanup code when the credential factory fails to create a builder
Tobias Brunner [Mon, 19 May 2008 12:43:01 +0000 (12:43 -0000)]
fixed the cleanup code when the credential factory fails to create a builder

11 years agofixed a bug introduced in [3973]
Tobias Brunner [Mon, 19 May 2008 08:48:44 +0000 (08:48 -0000)]
fixed a bug introduced in [3973]

11 years agoadded ikev2/esp-alg-aes-ccm and ikev2/esp-alg-aes-gcm scenarios
Andreas Steffen [Sat, 17 May 2008 21:57:08 +0000 (21:57 -0000)]
added ikev2/esp-alg-aes-ccm and ikev2/esp-alg-aes-gcm scenarios

11 years agosuppress listing of integrity algorithm if it is undefined
Andreas Steffen [Sat, 17 May 2008 21:52:58 +0000 (21:52 -0000)]
suppress listing of integrity algorithm if it is undefined

11 years agoccm and gcm icv_sizes are accepted both in bits and octets
Andreas Steffen [Sat, 17 May 2008 21:51:47 +0000 (21:51 -0000)]
ccm and gcm icv_sizes are accepted both in bits and octets

11 years agofixed warning if plugin list has trailing whitespaces
Martin Willi [Fri, 16 May 2008 13:48:58 +0000 (13:48 -0000)]
fixed warning if plugin list has trailing whitespaces

11 years agoAdded support for AES-CCM and AES-GCM (authenticated encryption algorithms) in charon.
Tobias Brunner [Fri, 16 May 2008 13:27:21 +0000 (13:27 -0000)]
Added support for AES-CCM and AES-GCM (authenticated encryption algorithms) in charon.

11 years agoupdated xfrm.h to the version from the 2.6.25.4 kernel sources
Tobias Brunner [Fri, 16 May 2008 13:24:18 +0000 (13:24 -0000)]
updated xfrm.h to the version from the 2.6.25.4 kernel sources

11 years agofixed plugin names of EAP modules
Martin Willi [Fri, 16 May 2008 12:14:48 +0000 (12:14 -0000)]
fixed plugin names of EAP modules

11 years agomoved manager to its own subdirectory in ipsecdir
Martin Willi [Fri, 16 May 2008 09:13:23 +0000 (09:13 -0000)]
moved manager to its own subdirectory in ipsecdir

11 years agoloading default modules depending on configure options
Martin Willi [Fri, 16 May 2008 08:52:32 +0000 (08:52 -0000)]
loading default modules depending on configure options

11 years agoadded missing semicolon
Andreas Steffen [Thu, 15 May 2008 19:40:38 +0000 (19:40 -0000)]
added missing semicolon

11 years agosome NEWS for 4.2.2
Martin Willi [Thu, 15 May 2008 14:15:27 +0000 (14:15 -0000)]
some NEWS for 4.2.2

11 years agoplugin load configuration in strongswan.conf
Martin Willi [Thu, 15 May 2008 14:01:26 +0000 (14:01 -0000)]
plugin load configuration in strongswan.conf
  some components accept a "component.load" option with a space separated list of plugins to load
  libcharon- plugins are now handled the same way as libstrongswan- plugins

11 years agoRSA with OpenSSL
Tobias Brunner [Thu, 15 May 2008 12:41:06 +0000 (12:41 -0000)]
RSA with OpenSSL

11 years agocorrected deinitialisation of public key factory
Tobias Brunner [Thu, 15 May 2008 12:39:35 +0000 (12:39 -0000)]
corrected deinitialisation of public key factory

11 years agogeneric public key factory moved
Tobias Brunner [Thu, 15 May 2008 12:33:00 +0000 (12:33 -0000)]
generic public key factory moved

11 years agostatic leases use 0, not NULL timeout
Martin Willi [Thu, 15 May 2008 09:26:47 +0000 (09:26 -0000)]
static leases use 0, not NULL timeout
fixed static leases

11 years agoproperly removing bootup poll interface eth0
Martin Willi [Thu, 15 May 2008 08:41:00 +0000 (08:41 -0000)]
properly removing bootup poll interface eth0

11 years agoadded ikev2/compress scenario
Andreas Steffen [Wed, 14 May 2008 20:07:16 +0000 (20:07 -0000)]
added ikev2/compress scenario

11 years agoimplemented classical UML network scenario in dumm (ipsec testing)
Martin Willi [Wed, 14 May 2008 13:11:13 +0000 (13:11 -0000)]
implemented classical UML network scenario in dumm (ipsec testing)

11 years agopoll UML guests after startup using eth9=mcast, as networking is loaded after console
Martin Willi [Wed, 14 May 2008 11:48:00 +0000 (11:48 -0000)]
poll UML guests after startup using eth9=mcast, as networking is loaded after console

11 years agotypo
Tobias Brunner [Wed, 14 May 2008 11:10:37 +0000 (11:10 -0000)]
typo

11 years agoprototype of mediation client database plugin
Martin Willi [Wed, 14 May 2008 07:26:19 +0000 (07:26 -0000)]
prototype of mediation client database plugin

11 years agohandle ID_KEY_ID as a ID_PUBKEY_SHA1 for authentication
Martin Willi [Wed, 14 May 2008 06:49:31 +0000 (06:49 -0000)]
handle ID_KEY_ID as a ID_PUBKEY_SHA1 for authentication

11 years agofixed printing of %#H hosts
Martin Willi [Wed, 14 May 2008 06:34:54 +0000 (06:34 -0000)]
fixed printing of %#H hosts

11 years agoip pool now suppresses plugin loading debug output
Andreas Steffen [Tue, 13 May 2008 19:38:50 +0000 (19:38 -0000)]
ip pool now suppresses plugin loading debug output

11 years agoapplied aes-xcbc-96 to ike as well
Andreas Steffen [Tue, 13 May 2008 19:37:01 +0000 (19:37 -0000)]
applied aes-xcbc-96 to ike as well

11 years agoadded sql/ip-pool-db scenario
Andreas Steffen [Tue, 13 May 2008 19:35:10 +0000 (19:35 -0000)]
added sql/ip-pool-db scenario

11 years agoreverted [3945], proper fix for zero value ASN1 integer
Martin Willi [Tue, 13 May 2008 14:15:12 +0000 (14:15 -0000)]
reverted [3945], proper fix for zero value ASN1 integer

11 years agoupdated Makefile
Martin Willi [Tue, 13 May 2008 13:58:04 +0000 (13:58 -0000)]
updated Makefile

11 years agotool to calculate KEYIDs from keys
Martin Willi [Tue, 13 May 2008 13:57:42 +0000 (13:57 -0000)]
tool to calculate KEYIDs from keys

11 years agofixed unsave calculation of mpz_export length
Martin Willi [Tue, 13 May 2008 13:52:45 +0000 (13:52 -0000)]
fixed unsave calculation of mpz_export length

11 years agodecreased plugin load verbosity
Martin Willi [Tue, 13 May 2008 09:14:36 +0000 (09:14 -0000)]
decreased plugin load verbosity

11 years agofixed "pool --purge" on mysql
Martin Willi [Tue, 13 May 2008 07:39:24 +0000 (07:39 -0000)]
fixed "pool --purge" on mysql

11 years agofixed compiler warning (missing include)
Martin Willi [Tue, 13 May 2008 07:37:08 +0000 (07:37 -0000)]
fixed compiler warning (missing include)

11 years agofixed lookup for expired leases
Martin Willi [Tue, 13 May 2008 07:24:53 +0000 (07:24 -0000)]
fixed lookup for expired leases
initializing database if in inconsistent state

11 years agoadded caption to ipsec.sql file
Andreas Steffen [Tue, 13 May 2008 05:53:21 +0000 (05:53 -0000)]
added caption to ipsec.sql file

11 years agodo-test always downloads ipsec.sql
Andreas Steffen [Tue, 13 May 2008 05:51:12 +0000 (05:51 -0000)]
do-test always downloads ipsec.sql

11 years agoadded empty ipsec.sql file
Andreas Steffen [Tue, 13 May 2008 05:50:23 +0000 (05:50 -0000)]
added empty ipsec.sql file

11 years agodelete both ipsec.db and ipsec.sql in posttest.dat
Andreas Steffen [Mon, 12 May 2008 20:41:12 +0000 (20:41 -0000)]
delete both ipsec.db and ipsec.sql in posttest.dat

11 years agoadded ikev2/ip-pool-db scenario
Andreas Steffen [Mon, 12 May 2008 20:34:38 +0000 (20:34 -0000)]
added ikev2/ip-pool-db scenario

11 years agodo not preserve ownership of copied files
Andreas Steffen [Mon, 12 May 2008 20:06:58 +0000 (20:06 -0000)]
do not preserve ownership of copied files

11 years agoforgot about alphabetical order
Andreas Steffen [Mon, 12 May 2008 12:46:30 +0000 (12:46 -0000)]
forgot about alphabetical order

11 years agoadded description of plutostderrlog parameter to ipsec.conf.5 man page
Andreas Steffen [Mon, 12 May 2008 11:36:59 +0000 (11:36 -0000)]
added description of plutostderrlog parameter to ipsec.conf.5 man page

11 years agoplutostderrlog parameter now declares a stderr redirection file
Andreas Steffen [Mon, 12 May 2008 10:05:49 +0000 (10:05 -0000)]
plutostderrlog parameter now declares a stderr redirection file

11 years agofixed typos
Andreas Steffen [Sun, 11 May 2008 20:36:14 +0000 (20:36 -0000)]
fixed typos

11 years agoincluded pools and leases tables to ipsec.sql database
Andreas Steffen [Sun, 11 May 2008 19:34:33 +0000 (19:34 -0000)]
included pools and leases tables to ipsec.sql database

11 years agoadded missing ipcomp DB type definition
Andreas Steffen [Sun, 11 May 2008 16:41:51 +0000 (16:41 -0000)]
added missing ipcomp DB type definition

11 years agosupport of plutostderrlog keyword
Andreas Steffen [Sun, 11 May 2008 07:59:00 +0000 (07:59 -0000)]
support of plutostderrlog keyword

11 years agoported IP pool to mysql
Martin Willi [Fri, 9 May 2008 15:01:22 +0000 (15:01 -0000)]
ported IP pool to mysql

11 years agousable prototype of "ipsec pool" tool
Martin Willi [Fri, 9 May 2008 12:55:41 +0000 (12:55 -0000)]
usable prototype of "ipsec pool" tool

11 years agosupport for left bounded padding in %H and %D
Martin Willi [Fri, 9 May 2008 12:25:39 +0000 (12:25 -0000)]
support for left bounded padding in %H and %D

11 years agowhitelisted gmtime_r
Martin Willi [Fri, 9 May 2008 12:24:11 +0000 (12:24 -0000)]
whitelisted gmtime_r

11 years agocorrectly reassigning valid leases
Martin Willi [Fri, 9 May 2008 12:22:20 +0000 (12:22 -0000)]
correctly reassigning valid leases

11 years agosupporting width modifier in identification_t printf hook (e.g. %30D)
Martin Willi [Fri, 9 May 2008 11:34:58 +0000 (11:34 -0000)]
supporting width modifier in identification_t printf hook (e.g. %30D)
cleanups in host_t %H printf hook

11 years agofixed interface disconnection
Martin Willi [Fri, 9 May 2008 10:38:18 +0000 (10:38 -0000)]
fixed interface disconnection

11 years agoIPComp for IKEv2
Tobias Brunner [Thu, 8 May 2008 16:19:11 +0000 (16:19 -0000)]
IPComp for IKEv2

11 years agoimplemented append mode for xcbc, testcase
Martin Willi [Thu, 8 May 2008 14:51:37 +0000 (14:51 -0000)]
implemented append mode for xcbc, testcase

11 years agomoved RAW public key support to a separate plugin (pubkey)
Martin Willi [Thu, 8 May 2008 13:16:42 +0000 (13:16 -0000)]
moved RAW public key support to a separate plugin (pubkey)

11 years agofixed compiler warning
Martin Willi [Thu, 8 May 2008 13:12:43 +0000 (13:12 -0000)]
fixed compiler warning

11 years agorenamed PRF_AES128_CBC to PRF_AES128_XCBC
Martin Willi [Thu, 8 May 2008 12:43:27 +0000 (12:43 -0000)]
renamed PRF_AES128_CBC to PRF_AES128_XCBC

11 years agorenamed med_db plugin to medsrv, as we will introduce an additional medcli client...
Martin Willi [Thu, 8 May 2008 12:11:30 +0000 (12:11 -0000)]
renamed med_db plugin to medsrv, as we will introduce an additional medcli client plugin

11 years agoreplaced --with-gid/uid by --with-group/user
Martin Willi [Thu, 8 May 2008 10:58:04 +0000 (10:58 -0000)]
replaced --with-gid/uid by --with-group/user
using named users, groups
fixed capability dropping in pluto

11 years agoadded ip-pool and ip-pool-wish scenarios
Andreas Steffen [Thu, 8 May 2008 09:08:02 +0000 (09:08 -0000)]
added ip-pool and ip-pool-wish scenarios

11 years agocorrected gnome-terminal's --show-menubar option
Andreas Steffen [Thu, 8 May 2008 08:22:07 +0000 (08:22 -0000)]
corrected gnome-terminal's --show-menubar option

11 years agoadded configure check and support for sqlite3 libraries without sqlite3_prepare_v2
Martin Willi [Wed, 7 May 2008 14:41:13 +0000 (14:41 -0000)]
added configure check and support for sqlite3 libraries without sqlite3_prepare_v2

11 years agofixed 3DES encryption
Martin Willi [Wed, 7 May 2008 11:54:30 +0000 (11:54 -0000)]
fixed 3DES encryption

11 years agoprototype of sql pool administration utility
Martin Willi [Wed, 7 May 2008 09:37:08 +0000 (09:37 -0000)]
prototype of sql pool administration utility