strongswan.git
8 years agopkcs11: Method added to library to extract a single attribute from an object.
Tobias Brunner [Fri, 28 Oct 2011 16:36:44 +0000 (18:36 +0200)]
pkcs11: Method added to library to extract a single attribute from an object.

8 years agopkcs11: Added names for CKA_* constants.
Tobias Brunner [Fri, 28 Oct 2011 16:07:02 +0000 (18:07 +0200)]
pkcs11: Added names for CKA_* constants.

8 years agopkcs11: Added support for ECDH.
Tobias Brunner [Wed, 26 Oct 2011 14:11:24 +0000 (16:11 +0200)]
pkcs11: Added support for ECDH.

8 years agopkcs11: Added definitions needed for ECDH to pkcs11.h.
Tobias Brunner [Wed, 26 Oct 2011 14:07:25 +0000 (16:07 +0200)]
pkcs11: Added definitions needed for ECDH to pkcs11.h.

8 years agopkcs11: Specify object class and key type when deriving DH secrets.
Tobias Brunner [Tue, 25 Oct 2011 16:23:59 +0000 (18:23 +0200)]
pkcs11: Specify object class and key type when deriving DH secrets.

pkcs11_softtoken on OpenSolaris requires this (probably others too).

8 years agopkcs11: Add features support.
Tobias Brunner [Tue, 25 Oct 2011 13:51:41 +0000 (15:51 +0200)]
pkcs11: Add features support.

8 years agopkcs11: Added support for DH.
Tobias Brunner [Tue, 25 Oct 2011 08:29:07 +0000 (10:29 +0200)]
pkcs11: Added support for DH.

8 years agopkcs11: Error message fixed.
Tobias Brunner [Tue, 25 Oct 2011 07:54:17 +0000 (09:54 +0200)]
pkcs11: Error message fixed.

8 years agopkcs11: Added support to generate random numbers on a token.
Tobias Brunner [Mon, 24 Oct 2011 14:39:59 +0000 (16:39 +0200)]
pkcs11: Added support to generate random numbers on a token.

8 years agopkcs11: Properly destroy mutex in pkcs11_hasher if no token found.
Tobias Brunner [Mon, 24 Oct 2011 14:36:55 +0000 (16:36 +0200)]
pkcs11: Properly destroy mutex in pkcs11_hasher if no token found.

8 years agoAdded features support to agent plugin
Andreas Steffen [Sun, 30 Oct 2011 16:59:23 +0000 (17:59 +0100)]
Added features support to agent plugin

8 years agoAdded features support to dnskey plugin
Andreas Steffen [Sun, 30 Oct 2011 16:57:16 +0000 (17:57 +0100)]
Added features support to dnskey plugin

8 years agoAdded features support to pgp plugin
Andreas Steffen [Sun, 30 Oct 2011 16:52:13 +0000 (17:52 +0100)]
Added features support to pgp plugin

8 years agoAdded features support to pkcs1 plugin
Andreas Steffen [Sun, 30 Oct 2011 16:44:35 +0000 (17:44 +0100)]
Added features support to pkcs1 plugin

8 years agoadded newline
Andreas Steffen [Sun, 30 Oct 2011 16:43:55 +0000 (17:43 +0100)]
added newline

8 years agoremove pem_encoder_encode
Andreas Steffen [Sun, 30 Oct 2011 16:21:57 +0000 (17:21 +0100)]
remove pem_encoder_encode

8 years agoAdd features support to pem plugin
Andreas Steffen [Sun, 30 Oct 2011 16:15:53 +0000 (17:15 +0100)]
Add features support to pem plugin

8 years agoSome Doxygen fixes.
Tobias Brunner [Fri, 28 Oct 2011 19:24:52 +0000 (21:24 +0200)]
Some Doxygen fixes.

8 years agoCopyright fixed.
Tobias Brunner [Fri, 28 Oct 2011 19:07:35 +0000 (21:07 +0200)]
Copyright fixed.

8 years agopluto: Compile warning fixed.
Tobias Brunner [Thu, 27 Oct 2011 13:42:44 +0000 (15:42 +0200)]
pluto: Compile warning fixed.

8 years agopluto: plugin_list.* added to Android.mk.
Tobias Brunner [Thu, 27 Oct 2011 13:42:10 +0000 (15:42 +0200)]
pluto: plugin_list.* added to Android.mk.

8 years agoAdded missing backslash.
Tobias Brunner [Thu, 27 Oct 2011 13:41:30 +0000 (15:41 +0200)]
Added missing backslash.

8 years agoForgot to add Android.mk in ba5b559b41fa70261c4f181f516acee272379a71.
Tobias Brunner [Wed, 26 Oct 2011 16:31:34 +0000 (18:31 +0200)]
Forgot to add Android.mk in ba5b559b41fa70261c4f181f516acee272379a71.

8 years agoDestroy objects hashtable after plugin_manager.
Tobias Brunner [Wed, 26 Oct 2011 15:35:18 +0000 (17:35 +0200)]
Destroy objects hashtable after plugin_manager.

If plugins are not explicitly unloaded before library_deinit is called
there could have been a segfault because some plugins might unregister
objects during unloading/destruction.

8 years agoAdd features support to pubkey plugin
Andreas Steffen [Wed, 26 Oct 2011 10:16:54 +0000 (12:16 +0200)]
Add features support to pubkey plugin

8 years agoAdd features support to x509 plugin
Andreas Steffen [Wed, 26 Oct 2011 10:09:03 +0000 (12:09 +0200)]
Add features support to x509 plugin

8 years agoCosmetics
Andreas Steffen [Wed, 26 Oct 2011 08:32:54 +0000 (10:32 +0200)]
Cosmetics

8 years agoadded listplugins support to pluto and whack
Andreas Steffen [Wed, 26 Oct 2011 08:31:48 +0000 (10:31 +0200)]
added listplugins support to pluto and whack

8 years agoadd listplugins to ipsec shell command
Andreas Steffen [Wed, 26 Oct 2011 07:30:58 +0000 (09:30 +0200)]
add listplugins to ipsec shell command

8 years agoversion bump to 4.6.0rc3
Andreas Steffen [Wed, 26 Oct 2011 07:17:57 +0000 (09:17 +0200)]
version bump to 4.6.0rc3

8 years agoadded tnc-tnccs plugin and removed xcbc plugin
Andreas Steffen [Tue, 25 Oct 2011 13:20:03 +0000 (15:20 +0200)]
added tnc-tnccs plugin and removed xcbc plugin

8 years agoDon't link to tnc libraries on Android as no tnc plugins are currently enabled.
Tobias Brunner [Tue, 25 Oct 2011 09:56:35 +0000 (11:56 +0200)]
Don't link to tnc libraries on Android as no tnc plugins are currently enabled.

8 years agoBuild libtnccs on Android.
Tobias Brunner [Tue, 25 Oct 2011 09:56:26 +0000 (11:56 +0200)]
Build libtnccs on Android.

8 years agoshare some code between IMC and IMV managers
Andreas Steffen [Tue, 25 Oct 2011 07:45:21 +0000 (09:45 +0200)]
share some code between IMC and IMV managers

8 years agoremoved unneeded includes
Andreas Steffen [Tue, 25 Oct 2011 05:36:24 +0000 (07:36 +0200)]
removed unneeded includes

8 years agoFix DNS error handling for keyexchange=ike.
Mirko Parthey [Mon, 24 Oct 2011 23:25:15 +0000 (01:25 +0200)]
Fix DNS error handling for keyexchange=ike.

starter fails to load a connection when a peer's DNS name is temporarily
unresolvable and keyexchange=ike was specified, which defaults to IKEv2.
The connection loads just fine in case of keyexchange=ikev2.

8 years agorefactored TNC framework
Andreas Steffen [Mon, 24 Oct 2011 23:10:02 +0000 (01:10 +0200)]
refactored TNC framework

8 years agomoved imv_manager to libtnccs
Andreas Steffen [Thu, 20 Oct 2011 20:06:10 +0000 (22:06 +0200)]
moved imv_manager to libtnccs

8 years agomoved imc_manager to libtnccs
Andreas Steffen [Thu, 20 Oct 2011 19:12:29 +0000 (21:12 +0200)]
moved imc_manager to libtnccs

8 years agofixed type
Andreas Steffen [Sat, 22 Oct 2011 10:31:09 +0000 (12:31 +0200)]
fixed type

8 years agoversion bump to 4.6.0rc2
Andreas Steffen [Sat, 22 Oct 2011 10:29:37 +0000 (12:29 +0200)]
version bump to 4.6.0rc2

8 years agoLog if charon failed to establish a CHILD_SA but keeps the IKE_SA up.
Tobias Brunner [Fri, 21 Oct 2011 16:09:02 +0000 (18:09 +0200)]
Log if charon failed to establish a CHILD_SA but keeps the IKE_SA up.

8 years agostarter.load documented in strongswan.conf(5) man page.
Tobias Brunner [Fri, 21 Oct 2011 15:30:39 +0000 (17:30 +0200)]
starter.load documented in strongswan.conf(5) man page.

8 years agostarter: Android.mk updated to use kernel-netlink via libhydra.
Tobias Brunner [Fri, 21 Oct 2011 12:16:42 +0000 (14:16 +0200)]
starter: Android.mk updated to use kernel-netlink via libhydra.

8 years agostarter: Use kernel interfaces to flush SAD and SPD.
Tobias Brunner [Fri, 21 Oct 2011 12:14:36 +0000 (14:14 +0200)]
starter: Use kernel interfaces to flush SAD and SPD.

This now supports platforms where neither 'ip xfrm' nor 'setkey' are
available (like Android).

8 years agostarter: Load plugins specific to starter.
Tobias Brunner [Fri, 21 Oct 2011 12:07:42 +0000 (14:07 +0200)]
starter: Load plugins specific to starter.

8 years agostarter: INFO_FILE is not used anymore.
Tobias Brunner [Fri, 21 Oct 2011 12:05:18 +0000 (14:05 +0200)]
starter: INFO_FILE is not used anymore.

8 years agoThe load-tester plugin does not support SAD/SPD flushing.
Tobias Brunner [Fri, 21 Oct 2011 12:23:31 +0000 (14:23 +0200)]
The load-tester plugin does not support SAD/SPD flushing.

8 years agoThe kernel-klips plugin does currently not support SAD/SPD flushing.
Tobias Brunner [Fri, 21 Oct 2011 11:44:17 +0000 (13:44 +0200)]
The kernel-klips plugin does currently not support SAD/SPD flushing.

8 years agoImplemented flushing of SAD and SPD entries via PF_KEY.
Tobias Brunner [Fri, 21 Oct 2011 12:03:39 +0000 (14:03 +0200)]
Implemented flushing of SAD and SPD entries via PF_KEY.

8 years agoImplemented flushing of states and policies via XFRM.
Tobias Brunner [Fri, 21 Oct 2011 11:38:26 +0000 (13:38 +0200)]
Implemented flushing of states and policies via XFRM.

8 years agoDefined functions in the kernel interface to flush SAD and SPD entries.
Tobias Brunner [Fri, 21 Oct 2011 11:37:16 +0000 (13:37 +0200)]
Defined functions in the kernel interface to flush SAD and SPD entries.

8 years agoFixed indention in load-tester kernel interface.
Tobias Brunner [Fri, 21 Oct 2011 09:19:45 +0000 (11:19 +0200)]
Fixed indention in load-tester kernel interface.

8 years agoAdd features support to tnccs plugins
Andreas Steffen [Thu, 20 Oct 2011 12:05:59 +0000 (14:05 +0200)]
Add features support to tnccs plugins

8 years agoLog messages with a loglevel > 1 to ANDROID_LOG_DEBUG.
Tobias Brunner [Tue, 18 Oct 2011 13:05:51 +0000 (15:05 +0200)]
Log messages with a loglevel > 1 to ANDROID_LOG_DEBUG.

8 years agopluto: Log to logcat on Android.
Tobias Brunner [Tue, 18 Oct 2011 13:03:19 +0000 (15:03 +0200)]
pluto: Log to logcat on Android.

8 years agopluto: CAP_NET_RAW seems to be required on Android even to open regular sockets.
Tobias Brunner [Tue, 18 Oct 2011 09:52:43 +0000 (11:52 +0200)]
pluto: CAP_NET_RAW seems to be required on Android even to open regular sockets.

8 years agopluto: Switch to user 'vpn' on Android.
Tobias Brunner [Tue, 18 Oct 2011 09:36:52 +0000 (11:36 +0200)]
pluto: Switch to user 'vpn' on Android.

8 years agopluto: Removed last usage of KERNEL26_SUPPORT (and some KLIPS stuff).
Tobias Brunner [Tue, 18 Oct 2011 08:30:26 +0000 (10:30 +0200)]
pluto: Removed last usage of KERNEL26_SUPPORT (and some KLIPS stuff).

Because linux is not defined on Android this caused trouble.

8 years agoupdated strong certificates
Andreas Steffen [Mon, 17 Oct 2011 16:04:12 +0000 (18:04 +0200)]
updated strong certificates

8 years agoRun scenarios without xcbc plugin
Andreas Steffen [Mon, 17 Oct 2011 12:08:42 +0000 (14:08 +0200)]
Run scenarios without xcbc plugin

8 years agofixed copy-and-paste error
Andreas Steffen [Mon, 17 Oct 2011 12:07:42 +0000 (14:07 +0200)]
fixed copy-and-paste error

8 years agoAvoid heaps of compiler warnings due to plugin features registration.
Tobias Brunner [Mon, 17 Oct 2011 11:46:53 +0000 (13:46 +0200)]
Avoid heaps of compiler warnings due to plugin features registration.

8 years agoAdd features support to gcrypt plugin.
Tobias Brunner [Mon, 17 Oct 2011 11:45:59 +0000 (13:45 +0200)]
Add features support to gcrypt plugin.

8 years agoAdd features support to md4 plugin
Andreas Steffen [Mon, 17 Oct 2011 04:05:08 +0000 (06:05 +0200)]
Add features support to md4 plugin

8 years agoRun scenarios without xcbc plugin
Andreas Steffen [Sun, 16 Oct 2011 15:18:32 +0000 (17:18 +0200)]
Run scenarios without xcbc plugin

8 years agoAdd features support to eap-radius plugin
Andreas Steffen [Sat, 15 Oct 2011 05:34:07 +0000 (07:34 +0200)]
Add features support to eap-radius plugin

8 years agoAdd features support to eap-peap plugin
Andreas Steffen [Fri, 14 Oct 2011 20:33:06 +0000 (22:33 +0200)]
Add features support to eap-peap plugin

8 years agoAdd features support to eap-tnc plugin
Andreas Steffen [Fri, 14 Oct 2011 19:14:37 +0000 (21:14 +0200)]
Add features support to eap-tnc plugin

8 years agopluto: Missing flushline call added when reading ipsec.secrets.
Tobias Brunner [Fri, 14 Oct 2011 16:38:18 +0000 (18:38 +0200)]
pluto: Missing flushline call added when reading ipsec.secrets.

8 years agowhack: Search pluto.ctl file in defined IPSEC_PIDDIR directory
Peter Warasin [Fri, 14 Oct 2011 16:28:31 +0000 (18:28 +0200)]
whack: Search pluto.ctl file in defined IPSEC_PIDDIR directory

8 years agorun scenarios without xcbc plugin
Andreas Steffen [Fri, 14 Oct 2011 15:41:01 +0000 (17:41 +0200)]
run scenarios without xcbc plugin

8 years agoAdd features support to eap-gtc plugin
Andreas Steffen [Fri, 14 Oct 2011 15:39:29 +0000 (17:39 +0200)]
Add features support to eap-gtc plugin

8 years agostarter: Only try to start pluto on Android if it is actually enabled.
Tobias Brunner [Fri, 14 Oct 2011 13:18:33 +0000 (15:18 +0200)]
starter: Only try to start pluto on Android if it is actually enabled.

8 years agopluto: Fixed usage of prctl.
Tobias Brunner [Fri, 14 Oct 2011 13:13:00 +0000 (15:13 +0200)]
pluto: Fixed usage of prctl.

8 years agopluto: Fixed include for control socket.
Tobias Brunner [Fri, 14 Oct 2011 13:10:35 +0000 (15:10 +0200)]
pluto: Fixed include for control socket.

8 years agopluto: Added fallback to ipsec.secrets parser if glob(3) is not available.
Tobias Brunner [Fri, 14 Oct 2011 13:09:56 +0000 (15:09 +0200)]
pluto: Added fallback to ipsec.secrets parser if glob(3) is not available.

8 years agopluto: Include fixed.
Tobias Brunner [Fri, 14 Oct 2011 12:54:55 +0000 (14:54 +0200)]
pluto: Include fixed.

8 years agopluto: Option added to disable adns.
Tobias Brunner [Fri, 14 Oct 2011 12:34:45 +0000 (14:34 +0200)]
pluto: Option added to disable adns.

This basically disables opportunistic encryption.

8 years agopluto: lwdnsq is not supported.
Tobias Brunner [Fri, 14 Oct 2011 11:51:56 +0000 (13:51 +0200)]
pluto: lwdnsq is not supported.

8 years agoSource files in Android.mk updated.
Tobias Brunner [Fri, 14 Oct 2011 10:04:30 +0000 (12:04 +0200)]
Source files in Android.mk updated.

8 years agoAdd features support to eap-md5 plugin
Andreas Steffen [Fri, 14 Oct 2011 15:31:16 +0000 (17:31 +0200)]
Add features support to eap-md5 plugin

8 years agoAdd features support to eap-ttls plugin
Andreas Steffen [Fri, 14 Oct 2011 15:20:33 +0000 (17:20 +0200)]
Add features support to eap-ttls plugin

8 years agoAdd features support to eap-identity plugin
Andreas Steffen [Fri, 14 Oct 2011 15:20:10 +0000 (17:20 +0200)]
Add features support to eap-identity plugin

8 years agoAdd features support to eap-tls plugin
Andreas Steffen [Fri, 14 Oct 2011 14:37:21 +0000 (16:37 +0200)]
Add features support to eap-tls plugin

8 years agomoved tn-ifmap plugin info in NEWS
Andreas Steffen [Fri, 14 Oct 2011 13:20:07 +0000 (15:20 +0200)]
moved tn-ifmap plugin info in NEWS

8 years agoAdded some NEWS for 4.6.0
Martin Willi [Fri, 14 Oct 2011 08:29:01 +0000 (10:29 +0200)]
Added some NEWS for 4.6.0

8 years agoDon't enforce features with soft dependencies before all plugins are loaded
Martin Willi [Fri, 14 Oct 2011 08:01:11 +0000 (10:01 +0200)]
Don't enforce features with soft dependencies before all plugins are loaded

8 years agoAdd features support tp eap-simaka-reauth plugin
Martin Willi [Thu, 13 Oct 2011 15:28:29 +0000 (17:28 +0200)]
Add features support tp eap-simaka-reauth plugin

8 years agoAdd features support to eap-simaka-pseudonym plugin
Martin Willi [Thu, 13 Oct 2011 15:28:11 +0000 (17:28 +0200)]
Add features support to eap-simaka-pseudonym plugin

8 years agoAdd features support to eap-simaka-sql plugin
Martin Willi [Thu, 13 Oct 2011 15:27:32 +0000 (17:27 +0200)]
Add features support to eap-simaka-sql plugin

8 years agoDon't try to load a feature again after failure
Martin Willi [Thu, 13 Oct 2011 15:27:02 +0000 (17:27 +0200)]
Don't try to load a feature again after failure

8 years agoDon't load eap-sim-file plugin if no valid triplet file found
Martin Willi [Thu, 13 Oct 2011 14:43:03 +0000 (16:43 +0200)]
Don't load eap-sim-file plugin if no valid triplet file found

8 years agoReset registration function for each plugin during feature loading
Martin Willi [Thu, 13 Oct 2011 14:09:38 +0000 (16:09 +0200)]
Reset registration function for each plugin during feature loading

8 years agoAdd features support to eap-sim-pcsc plugin
Martin Willi [Thu, 13 Oct 2011 11:47:40 +0000 (13:47 +0200)]
Add features support to eap-sim-pcsc plugin

8 years agoAdd features support to eap-sim-file plugin
Martin Willi [Thu, 13 Oct 2011 11:47:18 +0000 (13:47 +0200)]
Add features support to eap-sim-file plugin

8 years agoAdd features support to eap-sim plugin
Martin Willi [Thu, 13 Oct 2011 11:46:34 +0000 (13:46 +0200)]
Add features support to eap-sim plugin

8 years agoAdd features support to eap-aka-3gpp2 plugin
Martin Willi [Thu, 13 Oct 2011 11:03:48 +0000 (13:03 +0200)]
Add features support to eap-aka-3gpp2 plugin

8 years agoAdd a plugin feature registration callback for SIM/AKA backends
Martin Willi [Thu, 13 Oct 2011 11:03:10 +0000 (13:03 +0200)]
Add a plugin feature registration callback for SIM/AKA backends

8 years agoAdd features support to eap-aka plugin
Martin Willi [Thu, 13 Oct 2011 11:02:42 +0000 (13:02 +0200)]
Add features support to eap-aka plugin