strongswan.git
13 years agoremoved txt files from doxygen
Martin Willi [Wed, 18 Oct 2006 11:39:12 +0000 (11:39 -0000)]
removed txt files from doxygen

13 years agoremoved module tests, outdated. We need something more system-test like
Martin Willi [Wed, 18 Oct 2006 11:38:43 +0000 (11:38 -0000)]
removed module tests, outdated. We need something more system-test like

13 years agoadded missing -DDEBUG compile option
Andreas Steffen [Wed, 18 Oct 2006 08:07:01 +0000 (08:07 -0000)]
added missing -DDEBUG compile option

13 years agofixed auxillary message data parsing for IPV6 socket
Martin Willi [Mon, 9 Oct 2006 12:28:43 +0000 (12:28 -0000)]
fixed auxillary message data parsing for IPV6 socket
using SOL_* constants for socket level

13 years agofixed IPV6_PKTINFO setsockopt() to work with most kernel headers
Martin Willi [Mon, 9 Oct 2006 12:14:56 +0000 (12:14 -0000)]
fixed IPV6_PKTINFO setsockopt() to work with most kernel headers
replaced strerror(errno) with %m printf specifier

13 years agoadded stronger certs for moon, carol, and dave
Andreas Steffen [Mon, 9 Oct 2006 08:25:20 +0000 (08:25 -0000)]
added stronger certs for moon, carol, and dave

13 years agoadded IPv6 hw and multicast addresses
Andreas Steffen [Mon, 9 Oct 2006 08:24:49 +0000 (08:24 -0000)]
added IPv6 hw and multicast addresses

13 years agoadapted to new tcpdump ipv6 output
Andreas Steffen [Mon, 9 Oct 2006 08:23:38 +0000 (08:23 -0000)]
adapted to new tcpdump ipv6 output

13 years agomulti-level-ca scenarios use unencrypted private key
Andreas Steffen [Mon, 9 Oct 2006 08:23:11 +0000 (08:23 -0000)]
multi-level-ca scenarios use unencrypted private key

13 years agoadded scenario
Andreas Steffen [Mon, 9 Oct 2006 08:20:01 +0000 (08:20 -0000)]
added scenario

13 years agofixed timing
Andreas Steffen [Fri, 6 Oct 2006 07:57:25 +0000 (07:57 -0000)]
fixed timing

13 years agonew gentoo root file system
Andreas Steffen [Fri, 6 Oct 2006 07:54:07 +0000 (07:54 -0000)]
new gentoo root file system

13 years agofixed bug with openldap 2.3
Andreas Steffen [Fri, 6 Oct 2006 07:48:24 +0000 (07:48 -0000)]
fixed bug with openldap 2.3

13 years agoremoved ipsec.conf version information
Andreas Steffen [Fri, 6 Oct 2006 07:47:11 +0000 (07:47 -0000)]
removed ipsec.conf version information

13 years agocarolKey.pem is now protected by 3DES passphrase
Andreas Steffen [Fri, 6 Oct 2006 07:45:42 +0000 (07:45 -0000)]
carolKey.pem is now protected by 3DES passphrase

13 years agoupdated net runlevel scripts
Andreas Steffen [Fri, 6 Oct 2006 07:43:31 +0000 (07:43 -0000)]
updated net runlevel scripts

13 years agoupdated net init scripts
Andreas Steffen [Fri, 6 Oct 2006 07:42:17 +0000 (07:42 -0000)]
updated net init scripts

13 years agonew net configuration format
Andreas Steffen [Fri, 6 Oct 2006 07:40:39 +0000 (07:40 -0000)]
new net configuration format

13 years agoHW addresses must be predefined
Andreas Steffen [Fri, 6 Oct 2006 07:32:02 +0000 (07:32 -0000)]
HW addresses must be predefined

13 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:24:41 +0000 (07:24 -0000)]
cosmetics

13 years agoadded USE_LIBCURL
Andreas Steffen [Fri, 6 Oct 2006 07:24:05 +0000 (07:24 -0000)]
added USE_LIBCURL

13 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:23:39 +0000 (07:23 -0000)]
cosmetics

13 years agofound libraries are not appended to LIBS anymore
Andreas Steffen [Fri, 6 Oct 2006 07:22:38 +0000 (07:22 -0000)]
found libraries are not appended to LIBS anymore

13 years agoversion bump to 4.0.5
Andreas Steffen [Tue, 3 Oct 2006 06:52:31 +0000 (06:52 -0000)]
version bump to 4.0.5

13 years agofixed DPD to survive IKE_SA rekeying
Martin Willi [Thu, 28 Sep 2006 06:57:46 +0000 (06:57 -0000)]
fixed DPD to survive IKE_SA rekeying

13 years ago(no commit message)
Martin Willi [Wed, 27 Sep 2006 14:15:49 +0000 (14:15 -0000)]

13 years agointroduced printf() specifiers for:
Martin Willi [Wed, 27 Sep 2006 14:14:44 +0000 (14:14 -0000)]
introduced printf() specifiers for:
  host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there

13 years agoadded often used RFCs and drafts
Martin Willi [Wed, 27 Sep 2006 14:10:32 +0000 (14:10 -0000)]
added often used RFCs and drafts

13 years agoDES for private key encryption is not supported
Andreas Steffen [Mon, 25 Sep 2006 07:31:02 +0000 (07:31 -0000)]
DES for private key encryption is not supported

13 years agoupdated NEWS and ChangeLog for 4.0.4 release
Martin Willi [Mon, 25 Sep 2006 07:26:16 +0000 (07:26 -0000)]
updated NEWS and ChangeLog for 4.0.4 release

13 years agofixed retransmission policy for responder
Martin Willi [Mon, 25 Sep 2006 07:24:08 +0000 (07:24 -0000)]
fixed retransmission policy for responder

13 years agofixed dpd for responder
Martin Willi [Mon, 25 Sep 2006 06:38:58 +0000 (06:38 -0000)]
fixed dpd for responder

13 years agoadded ID_ANY check to matches_binary()
Andreas Steffen [Mon, 25 Sep 2006 06:19:40 +0000 (06:19 -0000)]
added ID_ANY check to matches_binary()

13 years agoreplaced 'missing value' warning by zero length chunk_t value
Andreas Steffen [Mon, 25 Sep 2006 06:18:45 +0000 (06:18 -0000)]
replaced 'missing value' warning by zero length chunk_t value

13 years agodefined maximum hash size
Andreas Steffen [Mon, 25 Sep 2006 06:15:57 +0000 (06:15 -0000)]
defined maximum hash size

13 years agosupport of AES-192-CBC private key encryption
Andreas Steffen [Mon, 25 Sep 2006 06:13:21 +0000 (06:13 -0000)]
support of AES-192-CBC private key encryption

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:12:22 +0000 (06:12 -0000)]
added hostaccess support

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:11:36 +0000 (06:11 -0000)]
added hostaccess support

13 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 06:11:09 +0000 (06:11 -0000)]
moved auth_method to policy

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:28 +0000 (06:10 -0000)]
added hostaccess support

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:02 +0000 (06:10 -0000)]
added hostaccess support

13 years agomore consistent authentication logging
Andreas Steffen [Mon, 25 Sep 2006 05:59:38 +0000 (05:59 -0000)]
more consistent authentication logging

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:58:45 +0000 (05:58 -0000)]
added hostaccess support

13 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:50 +0000 (05:52 -0000)]
moved auth_method to policy

13 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:13 +0000 (05:52 -0000)]
moved auth_method to policy

13 years agoadded hostaccess support; moved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:51:16 +0000 (05:51 -0000)]
added hostaccess support; moved auth_method to policy

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:49:36 +0000 (05:49 -0000)]
added hostaccess support

13 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:46:56 +0000 (05:46 -0000)]
added hostaccess support

13 years agoadded new test scenarios
Andreas Steffen [Mon, 25 Sep 2006 05:42:13 +0000 (05:42 -0000)]
added new test scenarios

13 years agofixed some compiler warnings 4.0.4
Martin Willi [Thu, 21 Sep 2006 09:17:13 +0000 (09:17 -0000)]
fixed some compiler warnings

13 years agoextended statusall output
Martin Willi [Thu, 21 Sep 2006 07:03:21 +0000 (07:03 -0000)]
extended statusall output
  added job/event-queue statistics
  added allocation statistics when using LEAK_DETECTIVE

13 years agofixed include typo
Martin Willi [Thu, 21 Sep 2006 05:55:07 +0000 (05:55 -0000)]
fixed include typo

13 years agopublic declaration of all HASH_SIZEs in hasher.h
Martin Willi [Wed, 20 Sep 2006 06:45:19 +0000 (06:45 -0000)]
public declaration of all HASH_SIZEs in hasher.h

13 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:54 +0000 (05:48 -0000)]
support of encrypted private key files

13 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:27 +0000 (05:48 -0000)]
support of encrypted private key files

13 years agoadded copyright notice to sha2_hasher
Martin Willi [Tue, 19 Sep 2006 14:54:01 +0000 (14:54 -0000)]
added copyright notice to sha2_hasher
included SHA2 in build process

13 years agoimplemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512
Martin Willi [Tue, 19 Sep 2006 14:49:47 +0000 (14:49 -0000)]
implemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512

13 years agoadded support for 3DES encryption algorithm in IKE
Martin Willi [Tue, 19 Sep 2006 11:18:35 +0000 (11:18 -0000)]
added support for 3DES encryption algorithm in IKE

13 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:17:06 +0000 (06:17 -0000)]
fixed the ids parsing bug

13 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:16:48 +0000 (06:16 -0000)]
fixed the ids parsing bug

13 years agoupdated TODOs
Martin Willi [Mon, 18 Sep 2006 11:41:04 +0000 (11:41 -0000)]
updated TODOs

13 years agofixed memleak
Martin Willi [Mon, 18 Sep 2006 11:39:53 +0000 (11:39 -0000)]
fixed memleak
fixed proper handling of id parsing errors
proper return value when no PSK found

13 years agoadded HOST_ACCESS for firewall script as default
Martin Willi [Mon, 18 Sep 2006 11:38:37 +0000 (11:38 -0000)]
added HOST_ACCESS for firewall script as default

13 years agomore debugging output for PSK authentication
Martin Willi [Mon, 18 Sep 2006 11:38:11 +0000 (11:38 -0000)]
more debugging output for PSK authentication

13 years agosome cleanups here and there
Martin Willi [Mon, 18 Sep 2006 11:37:40 +0000 (11:37 -0000)]
some cleanups here and there

13 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:46:16 +0000 (07:46 -0000)]
added auth_method field

13 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:45:16 +0000 (07:45 -0000)]
added auth_method field

13 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:44:41 +0000 (07:44 -0000)]
cosmetics

13 years agoverify_emsa_pkcs1_signature returns status_t
Andreas Steffen [Mon, 18 Sep 2006 07:44:16 +0000 (07:44 -0000)]
verify_emsa_pkcs1_signature returns status_t

13 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:43:44 +0000 (07:43 -0000)]
cosmetics

13 years agoadded PSK support
Andreas Steffen [Mon, 18 Sep 2006 07:42:57 +0000 (07:42 -0000)]
added PSK support

13 years agoenabled firewall support
Andreas Steffen [Mon, 18 Sep 2006 07:41:54 +0000 (07:41 -0000)]
enabled firewall support

13 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:22 +0000 (07:41 -0000)]
added

13 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:09 +0000 (07:41 -0000)]
added

13 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:40:37 +0000 (07:40 -0000)]
added

13 years agoproper error handling for socket creation
Martin Willi [Mon, 18 Sep 2006 06:44:38 +0000 (06:44 -0000)]
proper error handling for socket creation

13 years agohandle certificate parsing error more generous
Martin Willi [Thu, 14 Sep 2006 13:14:58 +0000 (13:14 -0000)]
handle certificate parsing error more generous

13 years agofixed certificate verification bug!
Martin Willi [Thu, 14 Sep 2006 12:22:08 +0000 (12:22 -0000)]
fixed certificate verification bug!

13 years agofixed memleak when receiving invalid certificate
Martin Willi [Thu, 14 Sep 2006 12:15:41 +0000 (12:15 -0000)]
fixed memleak when receiving invalid certificate

13 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:47:21 +0000 (06:47 -0000)]
version bump to 4.0.4

13 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:45:16 +0000 (06:45 -0000)]
version bump to 4.0.4

13 years agotwo new test scenarios
Andreas Steffen [Thu, 14 Sep 2006 06:39:14 +0000 (06:39 -0000)]
two new test scenarios

13 years agofixed path to images directory
Andreas Steffen [Thu, 14 Sep 2006 06:38:50 +0000 (06:38 -0000)]
fixed path to images directory

13 years agoimplemented updown script to handle firewalling
Martin Willi [Tue, 12 Sep 2006 13:50:14 +0000 (13:50 -0000)]
implemented updown script to handle firewalling

13 years agoadd priority management for kernel policy
Martin Willi [Fri, 8 Sep 2006 13:10:52 +0000 (13:10 -0000)]
add priority management for kernel policy
let ROUTED policies installed, until manuall removed
introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs
ike_sa_manager cleanups

13 years agoimplemented handling of dpdaction and dpddelay ipsec.conf parameters
Martin Willi [Fri, 8 Sep 2006 06:12:02 +0000 (06:12 -0000)]
implemented handling of dpdaction and dpddelay ipsec.conf parameters

13 years agoreuse reqid when a ROUTED child_sa gets INSTALLED
Martin Willi [Tue, 5 Sep 2006 14:07:25 +0000 (14:07 -0000)]
reuse reqid when a ROUTED child_sa gets INSTALLED
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes

13 years agofixed a at-least-one-year-old bug which caused crashed in the scheduler
Martin Willi [Thu, 31 Aug 2006 06:48:10 +0000 (06:48 -0000)]
fixed a at-least-one-year-old bug which caused crashed in the scheduler

13 years agoadded raw socket filter for IPv6
Martin Willi [Thu, 31 Aug 2006 06:18:15 +0000 (06:18 -0000)]
added raw socket filter for IPv6

13 years agoimplemented NAT detection for IPv6
Martin Willi [Thu, 31 Aug 2006 06:17:41 +0000 (06:17 -0000)]
implemented NAT detection for IPv6

13 years agoremoved unneeded constructor
Martin Willi [Thu, 31 Aug 2006 06:16:52 +0000 (06:16 -0000)]
removed unneeded constructor

13 years agoinitial support for IPv6 (more testing needed)
Martin Willi [Wed, 30 Aug 2006 17:12:56 +0000 (17:12 -0000)]
initial support for IPv6 (more testing needed)
  socket works (without v6 filter)
  traffic selector handle IPv4/v4 cleanly
    improvements in traffic selector code
  kernel interface accepts v6 traffic selectors and hosts
  host_t class has full IPv6 support

13 years agoadded stddef.h include for compilers which do not support the offsetof() directive
Martin Willi [Mon, 28 Aug 2006 09:02:51 +0000 (09:02 -0000)]
added stddef.h include for compilers which do not support the offsetof() directive

13 years agomoved interface enumeration code to socket, where it belongs
Martin Willi [Mon, 28 Aug 2006 08:45:22 +0000 (08:45 -0000)]
moved interface enumeration code to socket, where it belongs
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"

13 years agoversion bump of UML kernel to 2.6.17.11
Andreas Steffen [Fri, 25 Aug 2006 09:25:12 +0000 (09:25 -0000)]
version bump of UML kernel to 2.6.17.11

13 years agofixed crash bug when doing "ipsec down" with an unknown connection
Martin Willi [Fri, 25 Aug 2006 09:19:42 +0000 (09:19 -0000)]
fixed crash bug when doing "ipsec down" with an unknown connection

13 years agoadded name property in CHILD_SA, allows proper status output
Martin Willi [Fri, 25 Aug 2006 09:07:37 +0000 (09:07 -0000)]
added name property in CHILD_SA, allows proper status output

13 years ago(no commit message)
Martin Willi [Fri, 25 Aug 2006 07:42:48 +0000 (07:42 -0000)]

13 years agofixed bug which prevented port float when nat is detected
Martin Willi [Fri, 25 Aug 2006 07:37:22 +0000 (07:37 -0000)]
fixed bug which prevented port float when nat is detected

13 years agoversion bumps
Andreas Steffen [Fri, 25 Aug 2006 07:30:29 +0000 (07:30 -0000)]
version bumps