strongswan.git
13 years agoimplemented dynamic http-based CRL fetching
Andreas Steffen [Tue, 3 Apr 2007 21:11:23 +0000 (21:11 -0000)]
implemented dynamic http-based CRL fetching

13 years agosend VID_NATT_IETF_02_N for Windows 2003 server support
Andreas Steffen [Tue, 3 Apr 2007 21:10:08 +0000 (21:10 -0000)]
send VID_NATT_IETF_02_N for Windows 2003 server support

13 years agoimplemented dynamic http-based CRL fetching
Andreas Steffen [Tue, 3 Apr 2007 21:09:11 +0000 (21:09 -0000)]
implemented dynamic http-based CRL fetching

13 years agoimplemented http get method
Andreas Steffen [Tue, 3 Apr 2007 19:46:50 +0000 (19:46 -0000)]
implemented http get method

13 years agoIKEv1 changes
Andreas Steffen [Tue, 3 Apr 2007 12:41:37 +0000 (12:41 -0000)]
IKEv1 changes

13 years agoadded --enable-nat-transport and --disable-vendor-id configuration options
Andreas Steffen [Tue, 3 Apr 2007 07:58:34 +0000 (07:58 -0000)]
added --enable-nat-transport and --disable-vendor-id configuration options

13 years agoadded --enable-nat-transport and --disable-vendor-id configuration options
Andreas Steffen [Tue, 3 Apr 2007 07:58:21 +0000 (07:58 -0000)]
added --enable-nat-transport and --disable-vendor-id configuration options

13 years agobug fix: check existence of encryption key before sending encrypted notification
Andreas Steffen [Mon, 2 Apr 2007 19:04:51 +0000 (19:04 -0000)]
bug fix: check existence of encryption key before sending encrypted notification

13 years agoupdated NEWS, TODO
Martin Willi [Fri, 30 Mar 2007 12:49:19 +0000 (12:49 -0000)]
updated NEWS, TODO

13 years agoremoved unneded includes
Martin Willi [Fri, 30 Mar 2007 12:24:31 +0000 (12:24 -0000)]
removed unneded includes

13 years agousing IFA_LOCAL for interface enumeration to support ppp links
Martin Willi [Fri, 30 Mar 2007 09:21:48 +0000 (09:21 -0000)]
using IFA_LOCAL for interface enumeration to support ppp links

13 years agoadded IKE_SA_INIT retransmission detection
Martin Willi [Thu, 29 Mar 2007 14:20:10 +0000 (14:20 -0000)]
added IKE_SA_INIT retransmission detection
fixed thread exhaustion when IKE_SA is blocked for a longer time

13 years agoimplemented DoS protection with cookies and IP filter
Martin Willi [Thu, 29 Mar 2007 11:26:55 +0000 (11:26 -0000)]
implemented DoS protection with cookies and IP filter

13 years agofixed task manager message id bug for cookies
Martin Willi [Thu, 29 Mar 2007 11:08:30 +0000 (11:08 -0000)]
fixed task manager message id bug for cookies

13 years agoadded retry limit for IKE_SA_INIT (give up after 5 cookie failures)
Martin Willi [Thu, 29 Mar 2007 11:07:49 +0000 (11:07 -0000)]
added retry limit for IKE_SA_INIT (give up after 5 cookie failures)

13 years agoadded chunk_from_thing() macro
Martin Willi [Thu, 29 Mar 2007 11:06:59 +0000 (11:06 -0000)]
added chunk_from_thing() macro

13 years agoimplemented ipsec purgeocsp
Andreas Steffen [Wed, 28 Mar 2007 20:43:38 +0000 (20:43 -0000)]
implemented ipsec purgeocsp

13 years agocosmetics
Andreas Steffen [Wed, 28 Mar 2007 20:43:25 +0000 (20:43 -0000)]
cosmetics

13 years agoimplemented ipsec purgeocsp
Andreas Steffen [Wed, 28 Mar 2007 20:43:11 +0000 (20:43 -0000)]
implemented ipsec purgeocsp

13 years agoremoved send_queue, handled internally in sender_t know
Martin Willi [Wed, 28 Mar 2007 13:34:02 +0000 (13:34 -0000)]
removed send_queue, handled internally in sender_t know
do header parsing in receiver, ready for cookie integration

13 years agoimplemented a simple IP blocking filter in receiver thread
Martin Willi [Wed, 28 Mar 2007 09:23:03 +0000 (09:23 -0000)]
implemented a simple IP blocking filter in receiver thread

13 years agomerged changes from eap-aka trunk
Martin Willi [Wed, 28 Mar 2007 07:32:54 +0000 (07:32 -0000)]
merged changes from eap-aka trunk

13 years agois_trusted() adds cert_status to cert_to_be_trusted
Andreas Steffen [Wed, 28 Mar 2007 05:38:42 +0000 (05:38 -0000)]
is_trusted() adds cert_status to cert_to_be_trusted

13 years agofixed delta time format: 2 seconds, 1 second, 0 seconds
Andreas Steffen [Wed, 28 Mar 2007 05:37:20 +0000 (05:37 -0000)]
fixed delta time format: 2 seconds, 1 second, 0 seconds

13 years agoreplaced expired since %V by expired %V ago
Andreas Steffen [Wed, 28 Mar 2007 05:36:27 +0000 (05:36 -0000)]
replaced expired since %V by expired %V ago

13 years agofixed state and logging of IKE_SA when using EAP authentication
Martin Willi [Tue, 27 Mar 2007 16:11:29 +0000 (16:11 -0000)]
fixed state and logging of IKE_SA when using EAP authentication

13 years agofixed deferred CHILD_SA rekeying while IKE_SA rekeying in progress
Martin Willi [Tue, 27 Mar 2007 13:32:12 +0000 (13:32 -0000)]
fixed deferred CHILD_SA rekeying while IKE_SA rekeying in progress

13 years agogiving up EAP-SIM authentication after 3 failed challenges
Martin Willi [Tue, 27 Mar 2007 06:24:17 +0000 (06:24 -0000)]
giving up EAP-SIM authentication after 3 failed challenges

13 years agoimplemented ipsec listocsp function
Andreas Steffen [Tue, 27 Mar 2007 04:40:25 +0000 (04:40 -0000)]
implemented ipsec listocsp function

13 years agocmp_chunk returns int argument
Andreas Steffen [Tue, 27 Mar 2007 04:39:44 +0000 (04:39 -0000)]
cmp_chunk returns int argument

13 years agoregistered PRINT_CERTINFO function with symbol Y
Andreas Steffen [Tue, 27 Mar 2007 04:38:22 +0000 (04:38 -0000)]
registered PRINT_CERTINFO function with symbol Y

13 years agoadded chunk_compare() which compares orders chunks
Andreas Steffen [Tue, 27 Mar 2007 04:37:15 +0000 (04:37 -0000)]
added chunk_compare() which compares orders chunks

13 years agoadded OCSP signing certificates for the research and sales CAs
Andreas Steffen [Mon, 26 Mar 2007 07:08:39 +0000 (07:08 -0000)]
added OCSP signing certificates for the research and sales CAs

13 years agoadded ocsp-multi-level scenario
Andreas Steffen [Mon, 26 Mar 2007 07:05:02 +0000 (07:05 -0000)]
added ocsp-multi-level scenario

13 years agoadded CERT_ROOF
Andreas Steffen [Fri, 23 Mar 2007 22:01:59 +0000 (22:01 -0000)]
added CERT_ROOF

13 years agoadded CERT_ROOF
Andreas Steffen [Fri, 23 Mar 2007 22:01:40 +0000 (22:01 -0000)]
added CERT_ROOF

13 years agoadded certificate encoding OCSP content
Andreas Steffen [Fri, 23 Mar 2007 21:53:12 +0000 (21:53 -0000)]
added certificate encoding OCSP content

13 years agoversion bump to 4.1.1
Andreas Steffen [Fri, 23 Mar 2007 17:22:12 +0000 (17:22 -0000)]
version bump to 4.1.1

13 years agocarol's cert and private key does not have to be deleted
Andreas Steffen [Fri, 23 Mar 2007 17:20:44 +0000 (17:20 -0000)]
carol's cert and private key does not have to be deleted

13 years agostrongSwan version bumps and Windows Vista VIDs
Andreas Steffen [Fri, 23 Mar 2007 17:19:57 +0000 (17:19 -0000)]
strongSwan version bumps and Windows Vista VIDs

13 years agoupdated Changelog/TODO 4.1.0
Martin Willi [Thu, 22 Mar 2007 08:07:14 +0000 (08:07 -0000)]
updated Changelog/TODO

13 years agoadded CHILD_SA compare check for rekeying collisions
Martin Willi [Thu, 22 Mar 2007 07:34:42 +0000 (07:34 -0000)]
added CHILD_SA compare check for rekeying collisions

13 years agodeleted
Andreas Steffen [Wed, 21 Mar 2007 22:19:17 +0000 (22:19 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 21 Mar 2007 22:19:00 +0000 (22:19 -0000)]
added

13 years agorenamed ocsp-timeouts to ocsp-timeouts-good
Andreas Steffen [Wed, 21 Mar 2007 22:18:17 +0000 (22:18 -0000)]
renamed ocsp-timeouts to ocsp-timeouts-good

13 years agoadjusted rekey-retry delay and jitter
Martin Willi [Wed, 21 Mar 2007 16:12:16 +0000 (16:12 -0000)]
adjusted rekey-retry delay and jitter

13 years agofixed some rekey collision issues
Martin Willi [Wed, 21 Mar 2007 16:11:14 +0000 (16:11 -0000)]
fixed some rekey collision issues
added retry with jitter when rekeying fails

13 years agofixed SPI byte order
Martin Willi [Wed, 21 Mar 2007 16:09:27 +0000 (16:09 -0000)]
fixed SPI byte order

13 years agofixed child rekey collision
Martin Willi [Wed, 21 Mar 2007 14:42:49 +0000 (14:42 -0000)]
fixed child rekey collision
implemented ike rekey collision

13 years agohandling of CHILD_SA rekeying collisions
Martin Willi [Wed, 21 Mar 2007 09:25:36 +0000 (09:25 -0000)]
handling of CHILD_SA rekeying collisions

13 years agofixed inproper delete of CHILD_SA
Martin Willi [Wed, 21 Mar 2007 07:01:14 +0000 (07:01 -0000)]
fixed inproper delete of CHILD_SA

13 years agoprevent from initiating to %any
Martin Willi [Wed, 21 Mar 2007 07:00:04 +0000 (07:00 -0000)]
prevent from initiating to %any

13 years agofixed some exchange collisions (except IKE/CHILD rekeying)
Martin Willi [Tue, 20 Mar 2007 16:13:21 +0000 (16:13 -0000)]
fixed some exchange collisions (except IKE/CHILD rekeying)

13 years agofixed statusall rekey time jitter bug (again)
Martin Willi [Tue, 20 Mar 2007 14:56:41 +0000 (14:56 -0000)]
fixed statusall rekey time jitter bug (again)

13 years agofixed CHILD_SA rekeying time in statusall
Martin Willi [Tue, 20 Mar 2007 12:29:42 +0000 (12:29 -0000)]
fixed CHILD_SA rekeying time in statusall

13 years agofixed nat detection bug
Martin Willi [Tue, 20 Mar 2007 12:25:08 +0000 (12:25 -0000)]
fixed nat detection bug

13 years agoOCSP support
Andreas Steffen [Tue, 20 Mar 2007 10:47:00 +0000 (10:47 -0000)]
OCSP support

13 years agoupdated NEWS, TODO and man page
Martin Willi [Tue, 20 Mar 2007 08:59:03 +0000 (08:59 -0000)]
updated NEWS, TODO and man page

13 years agorespecting "keyingtries" parameter on IKE_SA setup
Martin Willi [Tue, 20 Mar 2007 08:16:16 +0000 (08:16 -0000)]
respecting "keyingtries" parameter on IKE_SA setup

13 years agocleanups
Martin Willi [Tue, 20 Mar 2007 08:15:53 +0000 (08:15 -0000)]
cleanups
fixed reset()

13 years agonot installing a route when policy gets updated
Martin Willi [Tue, 20 Mar 2007 08:15:18 +0000 (08:15 -0000)]
not installing a route when policy gets updated

13 years agorenamed keyingtries attribute
Martin Willi [Tue, 20 Mar 2007 08:14:18 +0000 (08:14 -0000)]
renamed keyingtries attribute

13 years agoadjusted loglevels
Martin Willi [Tue, 20 Mar 2007 08:13:54 +0000 (08:13 -0000)]
adjusted loglevels

13 years agodelay OCSP response by 5 seconds
Andreas Steffen [Tue, 20 Mar 2007 04:35:16 +0000 (04:35 -0000)]
delay OCSP response by 5 seconds

13 years agoalways update reqid on policy install, fixes dpdaction=hold issue
Martin Willi [Mon, 19 Mar 2007 10:00:56 +0000 (10:00 -0000)]
always update reqid on policy install, fixes dpdaction=hold issue

13 years agoEAP-SIM cleanups
Martin Willi [Mon, 19 Mar 2007 09:59:17 +0000 (09:59 -0000)]
EAP-SIM cleanups

13 years agofixed CHILD_SA rekeying/delete bug on 64bit machines
Martin Willi [Mon, 19 Mar 2007 08:04:37 +0000 (08:04 -0000)]
fixed CHILD_SA rekeying/delete bug on 64bit machines
removed obsolete methods in delete_payload

13 years agoShortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:48:29 +0000 (11:48 -0000)]
Shortened distribution string

13 years agoShortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:47:48 +0000 (11:47 -0000)]
Shortened distribution string

13 years agoshortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:41:54 +0000 (11:41 -0000)]
shortened distribution string

13 years agoadd daemon.log to web page
Andreas Steffen [Thu, 15 Mar 2007 15:01:36 +0000 (15:01 -0000)]
add daemon.log to web page

13 years agoremove /etc/resolv.conf
Andreas Steffen [Thu, 15 Mar 2007 15:00:51 +0000 (15:00 -0000)]
remove /etc/resolv.conf

13 years agoversion bump to 4.1.0
Andreas Steffen [Thu, 15 Mar 2007 14:28:47 +0000 (14:28 -0000)]
version bump to 4.1.0

13 years agoadded apache2/ocsp log directory to winnetou
Andreas Steffen [Thu, 15 Mar 2007 14:18:26 +0000 (14:18 -0000)]
added apache2/ocsp log directory to winnetou

13 years agoremoved killall openssl
Andreas Steffen [Thu, 15 Mar 2007 13:56:35 +0000 (13:56 -0000)]
removed killall openssl

13 years agoremoved killall openssl
Andreas Steffen [Thu, 15 Mar 2007 13:56:09 +0000 (13:56 -0000)]
removed killall openssl

13 years agodeleted
Andreas Steffen [Thu, 15 Mar 2007 13:54:22 +0000 (13:54 -0000)]
deleted

13 years agodeleted
Andreas Steffen [Thu, 15 Mar 2007 13:52:32 +0000 (13:52 -0000)]
deleted

13 years agocreate apach2/ocsp/ logging directory on winnetou
Andreas Steffen [Thu, 15 Mar 2007 13:49:59 +0000 (13:49 -0000)]
create apach2/ocsp/ logging directory on winnetou

13 years agodo not check for type of dpd action any more
Andreas Steffen [Thu, 15 Mar 2007 13:34:42 +0000 (13:34 -0000)]
do not check for type of dpd action any more

13 years agocreate /var/log/apache2/ocsp on winnetou
Andreas Steffen [Thu, 15 Mar 2007 13:33:42 +0000 (13:33 -0000)]
create /var/log/apache2/ocsp on winnetou

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:30:55 +0000 (13:30 -0000)]
added

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:29:56 +0000 (13:29 -0000)]
added

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:29:02 +0000 (13:29 -0000)]
added

13 years agodelete virtual IP addresses after use
Andreas Steffen [Wed, 14 Mar 2007 23:02:44 +0000 (23:02 -0000)]
delete virtual IP addresses after use

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 22:08:55 +0000 (22:08 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 22:07:18 +0000 (22:07 -0000)]
added

13 years agofixed case of missing subjectKeyID
Andreas Steffen [Wed, 14 Mar 2007 21:06:57 +0000 (21:06 -0000)]
fixed case of missing subjectKeyID

13 years agocorrected typo
Andreas Steffen [Wed, 14 Mar 2007 19:33:34 +0000 (19:33 -0000)]
corrected typo

13 years agoversion bump to 4.1.0
Andreas Steffen [Wed, 14 Mar 2007 18:31:47 +0000 (18:31 -0000)]
version bump to 4.1.0

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 15:42:40 +0000 (15:42 -0000)]
added

13 years agouse CURLOPT_NOSIGNAL
Andreas Steffen [Wed, 14 Mar 2007 15:41:58 +0000 (15:41 -0000)]
use CURLOPT_NOSIGNAL

13 years agoadded --with-sim-reader option to configure script
Martin Willi [Wed, 14 Mar 2007 15:39:45 +0000 (15:39 -0000)]
added --with-sim-reader option to configure script
some cleanups in eap_sim

13 years agoremoved dublicated code in eap_authenticator
Martin Willi [Wed, 14 Mar 2007 15:25:00 +0000 (15:25 -0000)]
removed dublicated code in eap_authenticator

13 years agolog reception of trusted signer certificate
Andreas Steffen [Wed, 14 Mar 2007 15:11:58 +0000 (15:11 -0000)]
log reception of trusted signer certificate

13 years agoversion bump to 4.1.0
Andreas Steffen [Wed, 14 Mar 2007 15:11:00 +0000 (15:11 -0000)]
version bump to 4.1.0

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 15:10:12 +0000 (15:10 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 15:09:00 +0000 (15:09 -0000)]
added

13 years agochanged OCSPSigner to OCSPSigning
Andreas Steffen [Wed, 14 Mar 2007 15:08:23 +0000 (15:08 -0000)]
changed OCSPSigner to OCSPSigning

13 years agofixed carry bug in FIPS prf
Martin Willi [Wed, 14 Mar 2007 14:54:23 +0000 (14:54 -0000)]
fixed carry bug in FIPS prf