strongswan.git
7 years agoAdd a return value to hasher_t.get_hash()
Martin Willi [Mon, 9 Jul 2012 13:33:41 +0000 (15:33 +0200)]
Add a return value to hasher_t.get_hash()

7 years agoAdd a return value to crypter_t.set_key()
Martin Willi [Fri, 6 Jul 2012 14:57:17 +0000 (16:57 +0200)]
Add a return value to crypter_t.set_key()

7 years agoAdd a return value to crypter_t.decrypt()
Martin Willi [Fri, 6 Jul 2012 14:11:15 +0000 (16:11 +0200)]
Add a return value to crypter_t.decrypt()

7 years agoAdd a return value to crypter_t.encrypt
Martin Willi [Fri, 6 Jul 2012 13:54:03 +0000 (15:54 +0200)]
Add a return value to crypter_t.encrypt

7 years agoIdentation fixes, warn about unused nonce_gen return values
Martin Willi [Fri, 6 Jul 2012 12:45:17 +0000 (14:45 +0200)]
Identation fixes, warn about unused nonce_gen return values

7 years agoAdd a return value to mac_t.set_key()
Martin Willi [Fri, 6 Jul 2012 12:40:04 +0000 (14:40 +0200)]
Add a return value to mac_t.set_key()

7 years agoAdd a return value to mac_t.get_bytes()
Martin Willi [Fri, 6 Jul 2012 12:34:11 +0000 (14:34 +0200)]
Add a return value to mac_t.get_bytes()

7 years agoCheck rng return value when generating libfast session COOKIEs
Martin Willi [Fri, 6 Jul 2012 12:17:01 +0000 (14:17 +0200)]
Check rng return value when generating libfast session COOKIEs

7 years agoInitialize conftest with the same plugins as charon
Martin Willi [Fri, 6 Jul 2012 12:05:49 +0000 (14:05 +0200)]
Initialize conftest with the same plugins as charon

7 years agoRemove unused replay variable in conftests seq number reset hook
Martin Willi [Fri, 6 Jul 2012 12:05:14 +0000 (14:05 +0200)]
Remove unused replay variable in conftests seq number reset hook

7 years agoUpdate conftest to use splitted listener/logger interfaces
Martin Willi [Fri, 6 Jul 2012 12:00:01 +0000 (14:00 +0200)]
Update conftest to use splitted listener/logger interfaces

7 years agoCheck rng return value when generating TLS session identifiers
Martin Willi [Fri, 6 Jul 2012 11:55:42 +0000 (13:55 +0200)]
Check rng return value when generating TLS session identifiers

7 years agoCheck rng return value when generating SIM/AKA message IVs
Martin Willi [Fri, 6 Jul 2012 11:52:57 +0000 (13:52 +0200)]
Check rng return value when generating SIM/AKA message IVs

7 years agoCheck rng return value when generating radius message authenticator
Martin Willi [Fri, 6 Jul 2012 11:52:30 +0000 (13:52 +0200)]
Check rng return value when generating radius message authenticator

7 years agoCheck rng return value when generating secrets and IVs in libtls
Tobias Brunner [Mon, 25 Jun 2012 14:04:40 +0000 (16:04 +0200)]
Check rng return value when generating secrets and IVs in libtls

7 years agoCheck rng return value when generating identity in eap-simaka-reauth plugin
Tobias Brunner [Fri, 6 Jul 2012 08:18:00 +0000 (10:18 +0200)]
Check rng return value when generating identity in eap-simaka-reauth plugin

7 years agoCheck rng return value when generating pseudonym in eap-simaka-pseudonym plugin
Tobias Brunner [Fri, 6 Jul 2012 08:11:21 +0000 (10:11 +0200)]
Check rng return value when generating pseudonym in eap-simaka-pseudonym plugin

7 years agoCheck rng return value when generating nonces in eap-aka plugin
Tobias Brunner [Fri, 6 Jul 2012 08:09:25 +0000 (10:09 +0200)]
Check rng return value when generating nonces in eap-aka plugin

7 years agoCheck rng return value when generating nonces in eap-sim plugin
Tobias Brunner [Fri, 6 Jul 2012 08:02:41 +0000 (10:02 +0200)]
Check rng return value when generating nonces in eap-sim plugin

7 years agoCheck rng return value when generating nonces in libpts
Tobias Brunner [Mon, 25 Jun 2012 14:08:11 +0000 (16:08 +0200)]
Check rng return value when generating nonces in libpts

7 years agoCheck rng return value when generating RAND in eap-aka-3gpp2 plugin
Tobias Brunner [Mon, 25 Jun 2012 13:58:50 +0000 (15:58 +0200)]
Check rng return value when generating RAND in eap-aka-3gpp2 plugin

7 years agoCheck rng return value when generating challenges in eap-md5 and mschapv2 plugins
Tobias Brunner [Mon, 25 Jun 2012 13:57:13 +0000 (15:57 +0200)]
Check rng return value when generating challenges in eap-md5 and mschapv2 plugins

7 years agoCheck rng return value when generating Transaction IDs in DHCP plugin
Tobias Brunner [Mon, 25 Jun 2012 13:56:31 +0000 (15:56 +0200)]
Check rng return value when generating Transaction IDs in DHCP plugin

7 years agoCheck rng return value when generating SPIs in kernel-klips plugin
Tobias Brunner [Mon, 25 Jun 2012 14:02:13 +0000 (16:02 +0200)]
Check rng return value when generating SPIs in kernel-klips plugin

7 years agoCheck rng return value when seeding OpenSSL RNG
Tobias Brunner [Mon, 25 Jun 2012 14:07:12 +0000 (16:07 +0200)]
Check rng return value when seeding OpenSSL RNG

7 years agoCheck rng return value when generating DH secret in gcrypt plugin
Tobias Brunner [Mon, 25 Jun 2012 14:10:46 +0000 (16:10 +0200)]
Check rng return value when generating DH secret in gcrypt plugin

7 years agoCheck rng return value when generating DH secrets and primes in gmp plugin
Tobias Brunner [Mon, 25 Jun 2012 14:09:00 +0000 (16:09 +0200)]
Check rng return value when generating DH secrets and primes in gmp plugin

7 years agoCheck rng return value when generating serial numbers in pki utility
Tobias Brunner [Mon, 25 Jun 2012 14:03:53 +0000 (16:03 +0200)]
Check rng return value when generating serial numbers in pki utility

7 years agoWrapper functions added to generate non-zero random bytes
Tobias Brunner [Mon, 25 Jun 2012 12:34:14 +0000 (14:34 +0200)]
Wrapper functions added to generate non-zero random bytes

7 years agoCheck rng return value when generating SCEP sender nonce
Tobias Brunner [Fri, 6 Jul 2012 08:49:46 +0000 (10:49 +0200)]
Check rng return value when generating SCEP sender nonce

7 years agoCheck rng return value when generating OCSP nonces
Tobias Brunner [Mon, 25 Jun 2012 14:06:59 +0000 (16:06 +0200)]
Check rng return value when generating OCSP nonces

7 years agoCheck rng return value when generating key and IV in PKCS#7 wrapper
Tobias Brunner [Mon, 25 Jun 2012 14:13:49 +0000 (16:13 +0200)]
Check rng return value when generating key and IV in PKCS#7 wrapper

7 years agoCheck rng return value when generating ME CONNECT_ID and KEY
Tobias Brunner [Mon, 25 Jun 2012 14:01:51 +0000 (16:01 +0200)]
Check rng return value when generating ME CONNECT_ID and KEY

7 years agoCheck rng return value when generating IKEv1 message IDs
Tobias Brunner [Mon, 25 Jun 2012 13:59:48 +0000 (15:59 +0200)]
Check rng return value when generating IKEv1 message IDs

7 years agoCheck rng return value when generating COOKIE2 during MOBIKE
Tobias Brunner [Fri, 6 Jul 2012 08:54:06 +0000 (10:54 +0200)]
Check rng return value when generating COOKIE2 during MOBIKE

7 years agoCheck rng return value when generating COOKIE secret in receiver
Tobias Brunner [Mon, 25 Jun 2012 13:55:44 +0000 (15:55 +0200)]
Check rng return value when generating COOKIE secret in receiver

7 years agoCheck rng return value when generating fake NAT detection payloads
Tobias Brunner [Mon, 25 Jun 2012 14:00:48 +0000 (16:00 +0200)]
Check rng return value when generating fake NAT detection payloads

7 years agoCheck rng return value when encrypting encryption payload
Tobias Brunner [Mon, 25 Jun 2012 13:54:57 +0000 (15:54 +0200)]
Check rng return value when encrypting encryption payload

7 years agoCheck rng return value when generating SPIs in ike_sa_manager_t
Tobias Brunner [Fri, 6 Jul 2012 08:46:34 +0000 (10:46 +0200)]
Check rng return value when generating SPIs in ike_sa_manager_t

7 years agoCheck rng return value in crypto tester
Tobias Brunner [Mon, 25 Jun 2012 14:14:30 +0000 (16:14 +0200)]
Check rng return value in crypto tester

7 years agoRelay rng return value in nonce plugin
Tobias Brunner [Mon, 25 Jun 2012 14:07:40 +0000 (16:07 +0200)]
Relay rng return value in nonce plugin

7 years agoRNGs' get_bytes and allocate_bytes return boolean
Tobias Brunner [Mon, 25 Jun 2012 11:22:54 +0000 (13:22 +0200)]
RNGs' get_bytes and allocate_bytes return boolean

7 years agoNonce: Let get_nonce, allocate_nonce return boolean
Reto Buerki [Tue, 12 Jun 2012 08:54:02 +0000 (10:54 +0200)]
Nonce: Let get_nonce, allocate_nonce return boolean

7 years agoAdd a return value to prf_t.set_key()
Martin Willi [Fri, 6 Jul 2012 09:57:01 +0000 (11:57 +0200)]
Add a return value to prf_t.set_key()

7 years agoAdd a return value to prf_t.allocate_bytes()
Martin Willi [Fri, 6 Jul 2012 09:28:27 +0000 (11:28 +0200)]
Add a return value to prf_t.allocate_bytes()

7 years agoUse a bool return value in keymat_v1_t.get_hash_phase2()
Martin Willi [Fri, 6 Jul 2012 09:16:49 +0000 (11:16 +0200)]
Use a bool return value in keymat_v1_t.get_hash_phase2()

7 years agoAdd a return value to keymat_v1_t.get_hash()
Martin Willi [Fri, 6 Jul 2012 09:07:39 +0000 (11:07 +0200)]
Add a return value to keymat_v1_t.get_hash()

7 years agoAdd a return value to keymat_v2_t.get_auth_octets()
Martin Willi [Fri, 6 Jul 2012 08:58:19 +0000 (10:58 +0200)]
Add a return value to keymat_v2_t.get_auth_octets()

7 years agoAdd a return value to keymat_v2_t.get_psk_sig()
Martin Willi [Fri, 6 Jul 2012 08:47:20 +0000 (10:47 +0200)]
Add a return value to keymat_v2_t.get_psk_sig()

7 years agoAdd a return value to prf_t.get_bytes()
Martin Willi [Fri, 6 Jul 2012 08:14:29 +0000 (10:14 +0200)]
Add a return value to prf_t.get_bytes()

7 years agoAdd a return value to tls_prf_t.set_key()
Martin Willi [Fri, 6 Jul 2012 07:49:25 +0000 (09:49 +0200)]
Add a return value to tls_prf_t.set_key()

7 years agoAdd a return value to tls_prf_t.get_bytes()
Martin Willi [Fri, 6 Jul 2012 07:49:16 +0000 (09:49 +0200)]
Add a return value to tls_prf_t.get_bytes()

7 years agoprf_plus_create() can return NULL on failure
Martin Willi [Fri, 6 Jul 2012 06:43:58 +0000 (08:43 +0200)]
prf_plus_create() can return NULL on failure

7 years agoAdd a return value to prf_plus_t.get_bytes()
Martin Willi [Fri, 6 Jul 2012 06:39:15 +0000 (08:39 +0200)]
Add a return value to prf_plus_t.get_bytes()

7 years agoAdd a return value to prf_plus_t.allocate_bytes()
Martin Willi [Fri, 6 Jul 2012 06:24:24 +0000 (08:24 +0200)]
Add a return value to prf_plus_t.allocate_bytes()

7 years agoAdd a return value to signer_t.set_key()
Martin Willi [Fri, 6 Jul 2012 07:33:10 +0000 (09:33 +0200)]
Add a return value to signer_t.set_key()

7 years agoAdd a return value to tls_crypto_t.derive_secrets()
Martin Willi [Fri, 6 Jul 2012 07:28:25 +0000 (09:28 +0200)]
Add a return value to tls_crypto_t.derive_secrets()

7 years agoAdd a return value to simaka_crypto_t.derive_keys_*()
Martin Willi [Fri, 6 Jul 2012 06:57:18 +0000 (08:57 +0200)]
Add a return value to simaka_crypto_t.derive_keys_*()

7 years agoAdd a return value to signer_t.get_signature()
Martin Willi [Thu, 5 Jul 2012 16:21:58 +0000 (18:21 +0200)]
Add a return value to signer_t.get_signature()

7 years agoAdd a return value to radius_message_t.sign()
Martin Willi [Thu, 5 Jul 2012 16:11:26 +0000 (18:11 +0200)]
Add a return value to radius_message_t.sign()

7 years agoAdd a return value to simaka_message_t.generate()
Martin Willi [Thu, 5 Jul 2012 16:04:41 +0000 (18:04 +0200)]
Add a return value to simaka_message_t.generate()

7 years agoAdd a return value to signer_t.allocate_signature()
Martin Willi [Thu, 5 Jul 2012 15:26:12 +0000 (17:26 +0200)]
Add a return value to signer_t.allocate_signature()

7 years agoAdd a return value to aead_t.set_key()
Martin Willi [Thu, 5 Jul 2012 15:19:23 +0000 (17:19 +0200)]
Add a return value to aead_t.set_key()

7 years agoAdd a return value to aead_t.encrypt()
Martin Willi [Thu, 5 Jul 2012 15:10:17 +0000 (17:10 +0200)]
Add a return value to aead_t.encrypt()

7 years agoipsec attest now can measure all files in a directory
Andreas Steffen [Mon, 16 Jul 2012 07:53:32 +0000 (09:53 +0200)]
ipsec attest now can measure all files in a directory

7 years agomoved listing of file measurements to pts_file_meas
Andreas Steffen [Fri, 13 Jul 2012 20:15:13 +0000 (22:15 +0200)]
moved listing of file measurements to pts_file_meas

7 years agomoved to debug level 3
Andreas Steffen [Fri, 13 Jul 2012 19:25:43 +0000 (21:25 +0200)]
moved to  debug level 3

7 years agoCompilation error fixed if dladdr is not available
Tobias Brunner [Sat, 14 Jul 2012 09:43:40 +0000 (11:43 +0200)]
Compilation error fixed if dladdr is not available

7 years agoDon't modify the message string passed to logger, as it gets reused
Martin Willi [Fri, 13 Jul 2012 13:42:14 +0000 (15:42 +0200)]
Don't modify the message string passed to logger, as it gets reused

7 years agotransfer IMA file measurements via PA-TNC
Andreas Steffen [Fri, 13 Jul 2012 12:46:36 +0000 (14:46 +0200)]
transfer IMA file measurements via PA-TNC

7 years agosome more copyright updates
Andreas Steffen [Fri, 13 Jul 2012 10:13:48 +0000 (12:13 +0200)]
some more copyright updates

7 years agoInvoke autoheader after libtool/aclocal to work on up-to-date data
Martin Willi [Fri, 13 Jul 2012 11:43:38 +0000 (13:43 +0200)]
Invoke autoheader after libtool/aclocal to work on up-to-date data

7 years agoSilence cast warning on 32-bit platforms
Martin Willi [Fri, 13 Jul 2012 11:43:16 +0000 (13:43 +0200)]
Silence cast warning on 32-bit platforms

7 years agoDon't set BFD_DECOMPRESS when building against older binutils
Martin Willi [Fri, 13 Jul 2012 11:42:31 +0000 (13:42 +0200)]
Don't set BFD_DECOMPRESS when building against older binutils

7 years agoLog to a malloc()ed buffer if the on-stack buffer is not large enough
Martin Willi [Fri, 13 Jul 2012 11:21:07 +0000 (13:21 +0200)]
Log to a malloc()ed buffer if the on-stack buffer is not large enough

7 years agoAppend directly to base string in vstr printf hooks
Martin Willi [Fri, 13 Jul 2012 10:12:24 +0000 (12:12 +0200)]
Append directly to base string in vstr printf hooks

7 years agoWrite directly to FILE stream in glibc printf hooks
Martin Willi [Fri, 13 Jul 2012 09:46:39 +0000 (11:46 +0200)]
Write directly to FILE stream in glibc printf hooks

7 years agoPass opaque data to printf hooks and print_in_hook()
Martin Willi [Fri, 13 Jul 2012 09:38:29 +0000 (11:38 +0200)]
Pass opaque data to printf hooks and print_in_hook()

7 years agoIncrease leak detective backtrace depth by a frame
Martin Willi [Thu, 12 Jul 2012 07:27:20 +0000 (09:27 +0200)]
Increase leak detective backtrace depth by a frame

7 years agoDon't access tail magic when reallocating invalid memory, as it would crash
Martin Willi [Thu, 12 Jul 2012 07:26:33 +0000 (09:26 +0200)]
Don't access tail magic when reallocating invalid memory, as it would crash

7 years agoWith --enable-bfd-backtraces, use binutils libbfd to resolve backtraces
Martin Willi [Wed, 11 Jul 2012 15:37:09 +0000 (17:37 +0200)]
With --enable-bfd-backtraces, use binutils libbfd to resolve backtraces

The invocation of addr2line to resolve backtrace source locations
is slow and cumbersome. When using libbfd directly, we can eliminate
the overhead of the process invocation. Even better, we can cache
library symbol names, bringing wicked fast lookups. As a neat bonus,
we can resolve static function names.

7 years agoAdd an external method to disable leak detective temporarly
Martin Willi [Wed, 11 Jul 2012 15:08:30 +0000 (17:08 +0200)]
Add an external method to disable leak detective temporarly

7 years agoSimplify NAT-D payload creation if UDP encapsulation is forced
Tobias Brunner [Fri, 13 Jul 2012 09:13:43 +0000 (11:13 +0200)]
Simplify NAT-D payload creation if UDP encapsulation is forced

We don't need any address lookups in that case as the content of the
payload is generated randomly anyway.

7 years agoadded PA-TNC max_msg_len option to man page
Andreas Steffen [Fri, 13 Jul 2012 09:02:23 +0000 (11:02 +0200)]
added PA-TNC max_msg_len option to man page

7 years agoupdated Copyright info
Andreas Steffen [Fri, 13 Jul 2012 08:42:40 +0000 (10:42 +0200)]
updated Copyright info

7 years agowait for the finalization of the Functional Component measurements
Andreas Steffen [Fri, 13 Jul 2012 08:06:43 +0000 (10:06 +0200)]
wait for the finalization of the Functional Component measurements

7 years agorestrict PA-TNC message siz only if upper limit is defined
Andreas Steffen [Thu, 12 Jul 2012 20:18:24 +0000 (22:18 +0200)]
restrict PA-TNC message siz only if upper limit is defined

7 years agoa curly bracket got lost
Andreas Steffen [Thu, 12 Jul 2012 19:19:55 +0000 (21:19 +0200)]
a curly bracket got lost

7 years agodestroy oversized attributes
Andreas Steffen [Thu, 12 Jul 2012 19:17:28 +0000 (21:17 +0200)]
destroy oversized attributes

7 years agoprevent endless loop with oversize attributes
Andreas Steffen [Thu, 12 Jul 2012 19:14:21 +0000 (21:14 +0200)]
prevent endless loop with oversize attributes

7 years agorestrict PA-TNC messages to maximum size
Andreas Steffen [Thu, 12 Jul 2012 18:01:32 +0000 (20:01 +0200)]
restrict PA-TNC messages to maximum size

7 years agorefactored PA-TNC attribute error handling
Andreas Steffen [Thu, 12 Jul 2012 11:39:27 +0000 (13:39 +0200)]
refactored PA-TNC attribute error handling

7 years agofixed memory leak in the IETF standard error handling
Andreas Steffen [Thu, 12 Jul 2012 11:38:44 +0000 (13:38 +0200)]
fixed memory leak in the IETF standard error handling

7 years agostatic upper size limit for PA-TNC messages
Andreas Steffen [Thu, 12 Jul 2012 10:49:49 +0000 (12:49 +0200)]
static upper size limit for PA-TNC messages

7 years agoAvoid that any % characters (e.g. in %any) are evaluated when logging via stroke
Tobias Brunner [Thu, 12 Jul 2012 14:58:00 +0000 (16:58 +0200)]
Avoid that any % characters (e.g. in %any) are evaluated when logging via stroke

7 years agoAdded PLUGIN_NOOP to separate PLUGIN_PROVIDE from previous CALLBACK/REGISTER entries
Tobias Brunner [Thu, 12 Jul 2012 14:52:01 +0000 (16:52 +0200)]
Added PLUGIN_NOOP to separate PLUGIN_PROVIDE from previous CALLBACK/REGISTER entries

7 years agoAndroid.mk of libstrongswan adapted to config.h changes
Tobias Brunner [Thu, 12 Jul 2012 07:56:44 +0000 (09:56 +0200)]
Android.mk of libstrongswan adapted to config.h changes

7 years agoProperly cleanup thread-local values for the threads destroying thread_value_t objects
Tobias Brunner [Thu, 12 Jul 2012 07:34:56 +0000 (09:34 +0200)]
Properly cleanup thread-local values for the threads destroying thread_value_t objects

7 years agoSet a sane default if --with-dev-headers is given without path
Martin Willi [Thu, 12 Jul 2012 06:39:54 +0000 (08:39 +0200)]
Set a sane default if --with-dev-headers is given without path

7 years agofixed a memory leak in imc|imv_agent
Andreas Steffen [Wed, 11 Jul 2012 22:03:24 +0000 (00:03 +0200)]
fixed a memory leak in imc|imv_agent