strongswan.git
10 years agomanagement of any attribute by ipsec pool
Andreas Steffen [Wed, 19 May 2010 19:51:21 +0000 (21:51 +0200)]
management of any attribute by ipsec pool

10 years agoupdated ikev1/rw-cert scenario to support xauth integrity test
Andreas Steffen [Wed, 19 May 2010 06:31:39 +0000 (08:31 +0200)]
updated ikev1/rw-cert scenario to support xauth integrity test

10 years agochecksum_builder() needs the pluto symbol
Andreas Steffen [Wed, 19 May 2010 06:02:22 +0000 (08:02 +0200)]
checksum_builder() needs the pluto symbol

10 years agoupdated ikev1/xauth-rsa-mode-config scenario to support xauth plugin
Andreas Steffen [Tue, 18 May 2010 20:57:12 +0000 (22:57 +0200)]
updated ikev1/xauth-rsa-mode-config scenario to support xauth plugin

10 years agoupdated ikev1/xauth-psk-mode-config scenario to support xauth plugin
Andreas Steffen [Tue, 18 May 2010 20:56:42 +0000 (22:56 +0200)]
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin

10 years agoupdated ikev1/xauth-psk-mode-config scenario to support xauth plugin
Andreas Steffen [Tue, 18 May 2010 20:48:37 +0000 (22:48 +0200)]
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin

10 years agoregister virtual IPs under the XAUTH identity
Andreas Steffen [Tue, 18 May 2010 20:41:22 +0000 (22:41 +0200)]
register virtual IPs under the XAUTH identity

10 years agoupdated ikev1/xauth-rsa-nosecret scenario to support xauth plugin
Andreas Steffen [Tue, 18 May 2010 18:20:55 +0000 (20:20 +0200)]
updated ikev1/xauth-rsa-nosecret scenario to support xauth plugin

10 years agocreated ikev1/xauth-id-psk scenario
Andreas Steffen [Tue, 18 May 2010 18:04:52 +0000 (20:04 +0200)]
created ikev1/xauth-id-psk scenario

10 years agoupdated ikev1/xauth-psk scenario to support xauth plugin
Andreas Steffen [Tue, 18 May 2010 18:04:02 +0000 (20:04 +0200)]
updated ikev1/xauth-psk scenario to support xauth plugin

10 years agoclarified secret loading debug output
Andreas Steffen [Tue, 18 May 2010 14:54:20 +0000 (16:54 +0200)]
clarified secret loading debug output

10 years agoupdated ikev1/xauth-rsa-fail scenario to xauth plugin
Andreas Steffen [Tue, 18 May 2010 14:53:34 +0000 (16:53 +0200)]
updated ikev1/xauth-rsa-fail scenario to xauth plugin

10 years agocreated ikev1/xauth-id-rsa scenario using XAUTH identities
Andreas Steffen [Tue, 18 May 2010 14:53:00 +0000 (16:53 +0200)]
created ikev1/xauth-id-rsa scenario using XAUTH identities

10 years agoupdated ikev1/xauth-rsa scenario to xauth plugin
Andreas Steffen [Tue, 18 May 2010 14:52:12 +0000 (16:52 +0200)]
updated ikev1/xauth-rsa scenario to xauth plugin

10 years agoTypo fixed.
Tobias Brunner [Tue, 18 May 2010 11:59:23 +0000 (13:59 +0200)]
Typo fixed.

10 years agoimplemented xauth as a pluto plugin
Andreas Steffen [Tue, 18 May 2010 11:51:15 +0000 (13:51 +0200)]
implemented xauth as a pluto plugin

10 years agoHandle collisions between rekey and the following delete properly
Martin Willi [Tue, 18 May 2010 10:21:38 +0000 (12:21 +0200)]
Handle collisions between rekey and the following delete properly

10 years agoAdded simple conditional packet receive delay
Martin Willi [Tue, 18 May 2010 10:21:05 +0000 (12:21 +0200)]
Added simple conditional packet receive delay

10 years agoAdded simple conditional packet send delay
Martin Willi [Tue, 18 May 2010 10:20:32 +0000 (12:20 +0200)]
Added simple conditional packet send delay

10 years agoExplicitly link gpg-error to gcrypt plugin
Martin Willi [Mon, 17 May 2010 10:36:30 +0000 (12:36 +0200)]
Explicitly link gpg-error to gcrypt plugin

10 years agoLink to libgpg-error to resolve additional symbols when testing for libgcrypt
Martin Willi [Mon, 17 May 2010 09:08:13 +0000 (11:08 +0200)]
Link to libgpg-error to resolve additional symbols when testing for libgcrypt

10 years agoit's too late on Saturday evening
Andreas Steffen [Sat, 15 May 2010 16:52:59 +0000 (18:52 +0200)]
it's too late on Saturday evening

10 years agoroll back some changes
Andreas Steffen [Sat, 15 May 2010 16:48:35 +0000 (18:48 +0200)]
roll back some changes

10 years agoencoding of MODE_TUNNEL changed
Andreas Steffen [Sat, 15 May 2010 16:36:14 +0000 (18:36 +0200)]
encoding of MODE_TUNNEL changed

10 years agothe keyid is a subjectKeyIdentifier
Andreas Steffen [Sat, 15 May 2010 15:03:04 +0000 (17:03 +0200)]
the keyid is a subjectKeyIdentifier

10 years agofixed keyids in sql/rw-psk-rsa-split scenario
Andreas Steffen [Sat, 15 May 2010 14:55:08 +0000 (16:55 +0200)]
fixed keyids in sql/rw-psk-rsa-split scenario

10 years agofixed keyids in sql/rw-eap-aka-rsa scenario
Andreas Steffen [Sat, 15 May 2010 14:44:53 +0000 (16:44 +0200)]
fixed keyids in sql/rw-eap-aka-rsa scenario

10 years agofixed keyids in sql/rw-cert scenario
Andreas Steffen [Sat, 15 May 2010 14:34:50 +0000 (16:34 +0200)]
fixed keyids in sql/rw-cert scenario

10 years agofixed keyids in sql/net2net-cert scenario
Andreas Steffen [Sat, 15 May 2010 14:20:34 +0000 (16:20 +0200)]
fixed keyids in sql/net2net-cert scenario

10 years agoinserted newline
Andreas Steffen [Sat, 15 May 2010 14:13:22 +0000 (16:13 +0200)]
inserted newline

10 years agofixed keyids in sql/ip-split-pools-db-restart scenario
Andreas Steffen [Sat, 15 May 2010 14:11:08 +0000 (16:11 +0200)]
fixed keyids in sql/ip-split-pools-db-restart scenario

10 years agofixed keyids in sql/ip-split-pools-db scenario
Andreas Steffen [Sat, 15 May 2010 11:40:11 +0000 (13:40 +0200)]
fixed keyids in sql/ip-split-pools-db scenario

10 years agofixed keyids in sql/ip-pool-db-restart scenario
Andreas Steffen [Sat, 15 May 2010 11:22:49 +0000 (13:22 +0200)]
fixed keyids in sql/ip-pool-db-restart scenario

10 years agofixed keyids in sql/ip-pool-db-expired scenario
Andreas Steffen [Sat, 15 May 2010 11:07:22 +0000 (13:07 +0200)]
fixed keyids in sql/ip-pool-db-expired scenario

10 years agofixed keyids in sql/ip-pool-db scenario
Andreas Steffen [Sat, 15 May 2010 11:06:48 +0000 (13:06 +0200)]
fixed keyids in sql/ip-pool-db scenario

10 years agointroduced xauth_identity keyword
Andreas Steffen [Sat, 15 May 2010 08:18:29 +0000 (10:18 +0200)]
introduced xauth_identity keyword

10 years agoadapted evaltest of ikev1/ip-pool-db-push scenario to resolve plugin
Andreas Steffen [Fri, 14 May 2010 15:26:59 +0000 (17:26 +0200)]
adapted evaltest of ikev1/ip-pool-db-push scenario to resolve plugin

10 years agoadapted evaltest of ikev1/ip-pool-db scenario to resolve plugin
Andreas Steffen [Fri, 14 May 2010 15:20:28 +0000 (17:20 +0200)]
adapted evaltest of ikev1/ip-pool-db scenario to resolve plugin

10 years agorefactoring of Mode Config functionality allows transport and handling of any attribute
Andreas Steffen [Fri, 14 May 2010 15:07:03 +0000 (17:07 +0200)]
refactoring of Mode Config functionality allows transport and handling of any attribute

10 years agoadapted evaltest of ikev1/mode-config-push scenario to resolve plugin
Andreas Steffen [Fri, 14 May 2010 13:12:03 +0000 (15:12 +0200)]
adapted evaltest of ikev1/mode-config-push scenario to resolve plugin

10 years agoadapted evaltest to resolve plugin
Andreas Steffen [Fri, 14 May 2010 09:07:26 +0000 (11:07 +0200)]
adapted evaltest to resolve plugin

10 years agoimplemented support of resolve plugin
Andreas Steffen [Sat, 8 May 2010 14:09:02 +0000 (16:09 +0200)]
implemented support of resolve plugin

10 years agoinclude demux.h only once
Andreas Steffen [Thu, 6 May 2010 19:55:19 +0000 (21:55 +0200)]
include demux.h only once

10 years agoalready defined in attributes/attributes.h
Andreas Steffen [Thu, 6 May 2010 19:44:15 +0000 (21:44 +0200)]
already defined in attributes/attributes.h

10 years agoinclude state.h only once
Andreas Steffen [Thu, 6 May 2010 19:35:00 +0000 (21:35 +0200)]
include state.h only once

10 years agoremoved stray file
Andreas Steffen [Thu, 6 May 2010 08:35:25 +0000 (10:35 +0200)]
removed stray file

10 years agoSupport decoding of subjectPublicKeyInfo in openssl without pkcs1 plugin
Martin Willi [Wed, 5 May 2010 11:48:10 +0000 (13:48 +0200)]
Support decoding of subjectPublicKeyInfo in openssl without pkcs1 plugin

10 years agoDo not check pointer, but length of a chunk
Martin Willi [Wed, 5 May 2010 09:30:18 +0000 (11:30 +0200)]
Do not check pointer, but length of a chunk

10 years agoDouble-check that a blob passed to is_asn1() is not empty
Martin Willi [Wed, 5 May 2010 09:26:17 +0000 (11:26 +0200)]
Double-check that a blob passed to is_asn1() is not empty

10 years agoDo not print filename twice if plugin loading fails, dlerror() contains the filename
Martin Willi [Wed, 5 May 2010 09:15:10 +0000 (11:15 +0200)]
Do not print filename twice if plugin loading fails, dlerror() contains the filename

10 years agoImplemented base32 encoding of chunks.
Martin Willi [Wed, 5 May 2010 08:40:52 +0000 (10:40 +0200)]
Implemented base32 encoding of chunks.

10 years agomoved resolve plugin from libcharon to libhydra
Andreas Steffen [Tue, 4 May 2010 21:52:44 +0000 (23:52 +0200)]
moved resolve plugin from libcharon to libhydra

10 years agoDo a proper cleanup when printing usage info.
Tobias Brunner [Tue, 4 May 2010 15:33:35 +0000 (17:33 +0200)]
Do a proper cleanup when printing usage info.

10 years agoMoved syslog.h include.
Tobias Brunner [Tue, 4 May 2010 15:40:10 +0000 (17:40 +0200)]
Moved syslog.h include.

10 years agoCompiler warning fixed.
Tobias Brunner [Tue, 4 May 2010 15:00:43 +0000 (17:00 +0200)]
Compiler warning fixed.

10 years agofixed typo
Andreas Steffen [Tue, 4 May 2010 04:18:10 +0000 (06:18 +0200)]
fixed typo

10 years agoAdd 'flush_line' option to filelog section.
Adrian-Ken Rueegsegger [Sun, 2 May 2010 12:37:16 +0000 (14:37 +0200)]
Add 'flush_line' option to filelog section.

The new boolean 'flush_line' option in the filelog section of
strongswan.conf specifies if log messages should be flushed to the given
file for each new line.

10 years agoUse reqid from connection config if present.
Reto Buerki [Thu, 22 Apr 2010 15:03:30 +0000 (17:03 +0200)]
Use reqid from connection config if present.

10 years agoAdd reqid field and getter function to child_cfg_t.
Reto Buerki [Thu, 22 Apr 2010 15:03:29 +0000 (17:03 +0200)]
Add reqid field and getter function to child_cfg_t.

10 years agoInclude reqid in stroke add connection message.
Reto Buerki [Thu, 22 Apr 2010 15:03:28 +0000 (17:03 +0200)]
Include reqid in stroke add connection message.

10 years agoAdd reqid keyword to config connection section.
Reto Buerki [Thu, 22 Apr 2010 15:03:27 +0000 (17:03 +0200)]
Add reqid keyword to config connection section.

10 years agodelete release files
Andreas Steffen [Mon, 3 May 2010 07:31:22 +0000 (09:31 +0200)]
delete release files

10 years agoversion bump to 4.4.1
Andreas Steffen [Mon, 3 May 2010 07:09:43 +0000 (09:09 +0200)]
version bump to 4.4.1

10 years agoadded getprotobyname to whitelist 4.4.0
Andreas Steffen [Sun, 2 May 2010 19:13:10 +0000 (21:13 +0200)]
added getprotobyname to whitelist

10 years agoremove subnet from sourceip
Andreas Steffen [Sun, 2 May 2010 15:58:36 +0000 (17:58 +0200)]
remove subnet from sourceip

10 years agofinal fix for cloning and deleting sourceip strings
Andreas Steffen [Sun, 2 May 2010 13:55:46 +0000 (15:55 +0200)]
final fix for cloning and deleting sourceip strings

10 years agofixed end->sourceip memory leak in ipsec starter
Andreas Steffen [Sun, 2 May 2010 12:56:35 +0000 (14:56 +0200)]
fixed end->sourceip memory leak in ipsec starter

10 years agoupdated options in testing.conf
Andreas Steffen [Sun, 2 May 2010 09:47:24 +0000 (11:47 +0200)]
updated options in testing.conf

10 years agofixed flex parser memory leaks in ipsec starter
Andreas Steffen [Sun, 2 May 2010 09:40:46 +0000 (11:40 +0200)]
fixed flex parser memory leaks in ipsec starter

10 years agofree config before exiting since library_deinit() calls leak detective
Andreas Steffen [Sun, 2 May 2010 09:00:21 +0000 (11:00 +0200)]
free config before exiting since library_deinit() calls leak detective

10 years agoWe have to rename thread_create on Mac OS X because it conflicts with a syscall.
Tobias Brunner [Thu, 29 Apr 2010 12:44:31 +0000 (14:44 +0200)]
We have to rename thread_create on Mac OS X because it conflicts with a syscall.

10 years agoInitialize libstrongswan in stroke (fixes Vstr logging).
Tobias Brunner [Thu, 29 Apr 2010 12:51:44 +0000 (14:51 +0200)]
Initialize libstrongswan in stroke (fixes Vstr logging).

10 years agoInitialize libstrongswan in starter (fixes Vstr logging).
Tobias Brunner [Thu, 29 Apr 2010 12:33:29 +0000 (14:33 +0200)]
Initialize libstrongswan in starter (fixes Vstr logging).

10 years agoThe mutex of a thread has to be locked when destroying it.
Tobias Brunner [Thu, 29 Apr 2010 11:30:51 +0000 (13:30 +0200)]
The mutex of a thread has to be locked when destroying it.

10 years agoFixing out-of-tree build after adding dependency to config.status.
Tobias Brunner [Thu, 29 Apr 2010 11:29:53 +0000 (13:29 +0200)]
Fixing out-of-tree build after adding dependency to config.status.

10 years agoUsers of PLUGINS depend on config.status, rebuilding them if plugin configuration...
Martin Willi [Thu, 29 Apr 2010 09:28:27 +0000 (11:28 +0200)]
Users of PLUGINS depend on config.status, rebuilding them if plugin configuration is updated

10 years agoFixed RSA key generation with gcrypt
Martin Willi [Thu, 29 Apr 2010 07:51:37 +0000 (09:51 +0200)]
Fixed RSA key generation with gcrypt

10 years agoPEM encoder supports encoding from RSA components directly, allowing gcrypt plugin...
Martin Willi [Thu, 29 Apr 2010 07:36:45 +0000 (09:36 +0200)]
PEM encoder supports encoding from RSA components directly, allowing gcrypt plugin to encode in PEM

10 years agoadded AES-GMAC support to NEWS
Andreas Steffen [Thu, 29 Apr 2010 05:41:30 +0000 (07:41 +0200)]
added AES-GMAC support to NEWS

10 years agodo not destroy whack_attr if it hasn't been initialized
Andreas Steffen [Thu, 29 Apr 2010 05:28:51 +0000 (07:28 +0200)]
do not destroy whack_attr if it hasn't been initialized

10 years agoadded debug output argument
Andreas Steffen [Wed, 28 Apr 2010 10:27:45 +0000 (12:27 +0200)]
added debug output argument

10 years agoReintroduce to_referer(), redirect() does not work with get_referer()
Martin Willi [Wed, 28 Apr 2010 07:03:08 +0000 (09:03 +0200)]
Reintroduce to_referer(), redirect() does not work with get_referer()

10 years agoUse a 301 permanent redirect if no controller given
Martin Willi [Mon, 26 Apr 2010 07:41:10 +0000 (09:41 +0200)]
Use a 301 permanent redirect if no controller given

10 years agoadded ikev1/alg-esp-aes-gmac scenario
Andreas Steffen [Tue, 27 Apr 2010 11:48:37 +0000 (13:48 +0200)]
added ikev1/alg-esp-aes-gmac scenario

10 years agoadded AES_GMAC output string
Andreas Steffen [Tue, 27 Apr 2010 11:47:11 +0000 (13:47 +0200)]
added AES_GMAC output string

10 years agoadded ikev2/alg-esp-aes-gmac scenario
Andreas Steffen [Tue, 27 Apr 2010 11:13:10 +0000 (13:13 +0200)]
added ikev2/alg-esp-aes-gmac scenario

10 years agoadded ikev1/alg-modp-subgroup scenario
Andreas Steffen [Fri, 23 Apr 2010 13:23:54 +0000 (15:23 +0200)]
added ikev1/alg-modp-subgroup scenario

10 years agoadded ikev2/alg-modp-subgroup scenario
Andreas Steffen [Fri, 23 Apr 2010 13:03:16 +0000 (15:03 +0200)]
added ikev2/alg-modp-subgroup scenario

10 years agoinclude dhcp-client-identifier in the DHCP request
Andreas Steffen [Fri, 23 Apr 2010 10:57:43 +0000 (12:57 +0200)]
include dhcp-client-identifier in the DHCP request

10 years agoadded ikev2/dhcp-static-client-id scenario
Andreas Steffen [Fri, 23 Apr 2010 10:56:59 +0000 (12:56 +0200)]
added ikev2/dhcp-static-client-id scenario

10 years agofixed optional dnsmasq.conf in the ikev2/dhcp-static-mac scenario
Andreas Steffen [Fri, 23 Apr 2010 10:38:30 +0000 (12:38 +0200)]
fixed optional dnsmasq.conf in the ikev2/dhcp-static-mac scenario

10 years agoadded ikev2/dhcp-static-mac scenario
Andreas Steffen [Fri, 23 Apr 2010 10:33:11 +0000 (12:33 +0200)]
added ikev2/dhcp-static-mac scenario

10 years agoadded ikev2/dhcp-dynamic scenario
Andreas Steffen [Fri, 23 Apr 2010 09:52:37 +0000 (11:52 +0200)]
added ikev2/dhcp-dynamic scenario

10 years agomake DHCP debug messages consistent
Andreas Steffen [Fri, 23 Apr 2010 05:37:16 +0000 (07:37 +0200)]
make DHCP debug messages consistent

10 years agofixed typo
Andreas Steffen [Thu, 22 Apr 2010 22:02:13 +0000 (00:02 +0200)]
fixed typo

10 years agoIgnore DH exchange in CHILD_SA rekeying if the selected proposal contains no DH group
Martin Willi [Wed, 21 Apr 2010 06:40:55 +0000 (08:40 +0200)]
Ignore DH exchange in CHILD_SA rekeying if the selected proposal contains no DH group

10 years agofixed segfault in pluto with multiple ISAKMP SAs in delete payload
Heiko Hund [Tue, 20 Apr 2010 19:22:50 +0000 (21:22 +0200)]
fixed segfault in pluto with multiple ISAKMP SAs in delete payload

10 years agoAdded support for DH groups 22, 23 and 24, patch contributed by Joy Latten
Martin Willi [Mon, 19 Apr 2010 12:41:20 +0000 (14:41 +0200)]
Added support for DH groups 22, 23 and 24, patch contributed by Joy Latten

10 years agoAccept DHCP replies on bootps port, as we act as a relay agent if server address...
Martin Willi [Mon, 19 Apr 2010 09:16:36 +0000 (11:16 +0200)]
Accept DHCP replies on bootps port, as we act as a relay agent if server address configured

10 years agoIntegrating libhydra into the Android build system.
Tobias Brunner [Mon, 12 Apr 2010 14:47:47 +0000 (16:47 +0200)]
Integrating libhydra into the Android build system.