strongswan.git
15 years agoversion bump to 4.1.3
Andreas Steffen [Fri, 25 May 2007 07:25:38 +0000 (07:25 -0000)]
version bump to 4.1.3

15 years agofixed man page
Martin Willi [Fri, 25 May 2007 07:19:49 +0000 (07:19 -0000)]
fixed man page

15 years agoupdated man-page for left/rightsourceip
Martin Willi [Fri, 25 May 2007 07:15:18 +0000 (07:15 -0000)]
updated man-page for left/rightsourceip

15 years agoremoved paranoid module checking
Martin Willi [Fri, 25 May 2007 05:45:41 +0000 (05:45 -0000)]
removed paranoid module checking

15 years agoadded compatibility names (pluto) for sha2 algorithms (sha2_256, ...)
Martin Willi [Fri, 25 May 2007 05:44:53 +0000 (05:44 -0000)]
added compatibility names (pluto) for sha2 algorithms (sha2_256, ...)

15 years agoadded #define LDAP_DEPRECATED in order to use old ldap_init() function
Andreas Steffen [Thu, 24 May 2007 12:09:48 +0000 (12:09 -0000)]
added #define LDAP_DEPRECATED in order to use old ldap_init() function

15 years agoremoved unneeded libdes files speed.c and des_opts.c
Andreas Steffen [Thu, 24 May 2007 12:08:44 +0000 (12:08 -0000)]
removed unneeded libdes files speed.c and des_opts.c

15 years agocecho changes in UML scripts
Andreas Steffen [Wed, 23 May 2007 22:24:47 +0000 (22:24 -0000)]
cecho changes in UML scripts

15 years agoadded virtual-ip scenario
Andreas Steffen [Wed, 23 May 2007 21:41:05 +0000 (21:41 -0000)]
added virtual-ip scenario

15 years agodefined ietfAttr_t type and its destroy function
Andreas Steffen [Wed, 23 May 2007 19:43:24 +0000 (19:43 -0000)]
defined ietfAttr_t type and its destroy function

15 years agoremoved old FreeS/WAN cvs revision entries
Andreas Steffen [Wed, 23 May 2007 19:27:48 +0000 (19:27 -0000)]
removed old FreeS/WAN cvs revision entries

15 years agoadded #include <linux/types.h> required by 2.6.21 linux headers
Andreas Steffen [Wed, 23 May 2007 19:27:02 +0000 (19:27 -0000)]
added #include <linux/types.h> required by 2.6.21 linux headers

15 years agoproper thread cancellation when using the charon->interfaces
Martin Willi [Wed, 23 May 2007 09:08:13 +0000 (09:08 -0000)]
proper thread cancellation when using the charon->interfaces

15 years agofixed crash when using 0.0.0.0/0 subnets
Martin Willi [Wed, 23 May 2007 06:33:22 +0000 (06:33 -0000)]
fixed crash when using 0.0.0.0/0 subnets

15 years agoremoved misleading warning when rekeying
Martin Willi [Wed, 23 May 2007 06:32:41 +0000 (06:32 -0000)]
removed misleading warning when rekeying

15 years agosupport for virtual IP definition on client side:
Martin Willi [Tue, 22 May 2007 13:49:31 +0000 (13:49 -0000)]
support for virtual IP definition on client side:
  if leftsourceip is defined, it is requested.
  server may define rightsourceip=%config to accept any,
  or it may overwrite it using rightsourceip.
  if server does not return an IP, client enforces its configured leftsourceip.

15 years agofixed memleak
Martin Willi [Tue, 22 May 2007 09:38:42 +0000 (09:38 -0000)]
fixed memleak

15 years agousing local address as gateway in installed routes
Martin Willi [Tue, 22 May 2007 07:47:16 +0000 (07:47 -0000)]
using local address as gateway in installed routes

15 years agosupport of left|rightgroups parameter
Andreas Steffen [Sun, 20 May 2007 15:38:36 +0000 (15:38 -0000)]
support of left|rightgroups parameter

15 years agoreduced crl validity of research and sales ca to 15 days
Andreas Steffen [Sat, 19 May 2007 19:47:24 +0000 (19:47 -0000)]
reduced crl validity of research and sales ca to 15 days

15 years agofixed nextUpdate and until behaviour in the non-strict case
Andreas Steffen [Sat, 19 May 2007 19:46:13 +0000 (19:46 -0000)]
fixed nextUpdate and until behaviour in the non-strict case

15 years agoset rightca= to root CA
Andreas Steffen [Fri, 18 May 2007 13:19:47 +0000 (13:19 -0000)]
set rightca= to root CA

15 years agoadded multi-level-ca-revoked scenario
Andreas Steffen [Fri, 18 May 2007 13:18:28 +0000 (13:18 -0000)]
added  multi-level-ca-revoked scenario

15 years agoadded multi-level-ca-loop scenario
Andreas Steffen [Fri, 18 May 2007 12:42:49 +0000 (12:42 -0000)]
added  multi-level-ca-loop scenario

15 years agosupport of CA-based ipsec policies
Andreas Steffen [Fri, 18 May 2007 12:28:05 +0000 (12:28 -0000)]
support of CA-based ipsec policies

15 years agosupport of CA-based ipsec policies
Andreas Steffen [Fri, 18 May 2007 12:25:37 +0000 (12:25 -0000)]
support of CA-based ipsec policies

15 years agosupport of crlnumber in research and sales CAs
Andreas Steffen [Fri, 18 May 2007 12:24:50 +0000 (12:24 -0000)]
support of crlnumber in research and sales CAs

15 years agoadded multi-level-ca-ldap scenario
Andreas Steffen [Fri, 18 May 2007 12:23:31 +0000 (12:23 -0000)]
added multi-level-ca-ldap scenario

15 years agoadded multi-level-ca scenario
Andreas Steffen [Fri, 18 May 2007 12:23:10 +0000 (12:23 -0000)]
added multi-level-ca scenario

15 years agoca-based policy now requires rightca=%any in the two-certs scenario
Andreas Steffen [Fri, 18 May 2007 10:53:58 +0000 (10:53 -0000)]
ca-based policy now requires rightca=%any in the two-certs scenario

15 years agoadd is_ca() method
Andreas Steffen [Fri, 18 May 2007 10:16:10 +0000 (10:16 -0000)]
add is_ca() method

15 years agoadded set_ca_info() and get_ca_info() methods
Andreas Steffen [Fri, 18 May 2007 10:15:23 +0000 (10:15 -0000)]
added set_ca_info() and get_ca_info() methods

15 years agooutput of eap_type_names requires %N format
Andreas Steffen [Fri, 18 May 2007 10:14:01 +0000 (10:14 -0000)]
output of eap_type_names requires %N format

15 years agoadded set_other_ca() and get_other_ca()
Andreas Steffen [Thu, 17 May 2007 17:55:29 +0000 (17:55 -0000)]
added set_other_ca() and get_other_ca()

15 years agoadded set_other_ca() and get_other_ca()
Andreas Steffen [Thu, 17 May 2007 17:55:02 +0000 (17:55 -0000)]
added set_other_ca() and get_other_ca()

15 years agoexport MAX_CA_PATH_LEN
Andreas Steffen [Thu, 17 May 2007 17:19:09 +0000 (17:19 -0000)]
export MAX_CA_PATH_LEN

15 years agocheck self-signedness of certificate at creation time
Andreas Steffen [Thu, 17 May 2007 17:18:38 +0000 (17:18 -0000)]
check self-signedness of certificate at creation time

15 years agoremoved route_job, handled all in interface_manager
Martin Willi [Wed, 16 May 2007 08:49:10 +0000 (08:49 -0000)]
removed route_job, handled all in interface_manager

15 years agorouting/unrouting through interface
Martin Willi [Wed, 16 May 2007 08:32:15 +0000 (08:32 -0000)]
routing/unrouting through interface

15 years agoremoved dead folder
Martin Willi [Wed, 16 May 2007 06:42:52 +0000 (06:42 -0000)]
removed dead folder

15 years agohierarchical display of tests
Andreas Steffen [Tue, 15 May 2007 20:30:21 +0000 (20:30 -0000)]
hierarchical display of tests

15 years agomultiple peer certificate support
Andreas Steffen [Tue, 15 May 2007 19:07:38 +0000 (19:07 -0000)]
multiple peer certificate support

15 years agoremoved reference to radij.c code
Andreas Steffen [Tue, 15 May 2007 19:06:05 +0000 (19:06 -0000)]
removed reference to radij.c code

15 years agoauthentication failure is handled in ike_auth.c
Andreas Steffen [Tue, 15 May 2007 19:05:26 +0000 (19:05 -0000)]
authentication failure is handled in ike_auth.c

15 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 19:04:15 +0000 (19:04 -0000)]
cosmetics

15 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 19:03:23 +0000 (19:03 -0000)]
cosmetics

15 years agoadded two-certs scenario
Andreas Steffen [Tue, 15 May 2007 15:54:06 +0000 (15:54 -0000)]
added two-certs scenario

15 years agoadapted authentication failure text to those in the authenticators
Andreas Steffen [Tue, 15 May 2007 14:52:44 +0000 (14:52 -0000)]
adapted authentication failure text to those in the authenticators

15 years agoverification of locally loaded peer certificates
Andreas Steffen [Tue, 15 May 2007 14:51:04 +0000 (14:51 -0000)]
verification of locally loaded peer certificates

15 years agosupport of multiple certificates with same peer id
Andreas Steffen [Tue, 15 May 2007 12:46:05 +0000 (12:46 -0000)]
support of multiple certificates with same peer id

15 years agocosmetics
Andreas Steffen [Tue, 15 May 2007 12:45:19 +0000 (12:45 -0000)]
cosmetics

15 years agoworking dummy for NetworkManager DBUS interface
Martin Willi [Mon, 14 May 2007 13:22:04 +0000 (13:22 -0000)]
working dummy for NetworkManager DBUS interface
  more a tech demo

15 years agoversion bump to 4.1.3
Andreas Steffen [Thu, 10 May 2007 12:40:09 +0000 (12:40 -0000)]
version bump to 4.1.3

15 years agosimplified capability dropping
Martin Willi [Wed, 9 May 2007 13:12:06 +0000 (13:12 -0000)]
simplified capability dropping

15 years agoproperly implemented interface_managers initiate, terminte_[ike|child]
Martin Willi [Wed, 9 May 2007 12:33:08 +0000 (12:33 -0000)]
properly implemented interface_managers initiate, terminte_[ike|child]
proper thread release when stroke is CTRL+C'ed
fixed some permission issues

15 years agoproperly ignoring signals rised by a thread which is in listening state
Martin Willi [Tue, 8 May 2007 12:58:33 +0000 (12:58 -0000)]
properly ignoring signals rised by a thread which is in listening state

15 years agochanging UID/GID after startup of pluto/charon
Martin Willi [Mon, 7 May 2007 12:38:46 +0000 (12:38 -0000)]
changing UID/GID after startup of pluto/charon
added --with-uid/--with-gid configure option

15 years agoextended interface_manager (more work needed here)
Martin Willi [Thu, 3 May 2007 14:22:52 +0000 (14:22 -0000)]
extended interface_manager (more work needed here)

15 years agoallow to have listening state TRUE while sending singal ourself
Martin Willi [Thu, 3 May 2007 14:22:15 +0000 (14:22 -0000)]
allow to have listening state TRUE while sending singal ourself

15 years agoreducing capabilities of the threads to a minimum
Martin Willi [Thu, 3 May 2007 14:21:22 +0000 (14:21 -0000)]
reducing capabilities of the threads to a minimum
proper flush of pending packets on daemon shutdown
adding local address as gateway address in dynamic route

15 years agosetting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker
Martin Willi [Wed, 2 May 2007 09:59:47 +0000 (09:59 -0000)]
setting MALLOC_CHECK_=0 for charon to not use glibc's malloc checker

15 years agoadded more API documentation to backends/interfaces
Martin Willi [Mon, 30 Apr 2007 10:23:01 +0000 (10:23 -0000)]
added more API documentation to backends/interfaces

15 years agoadded udp.h 4.1.2
Andreas Steffen [Sun, 29 Apr 2007 19:48:54 +0000 (19:48 -0000)]
added udp.h

15 years agofixed include
Andreas Steffen [Sun, 29 Apr 2007 19:31:27 +0000 (19:31 -0000)]
fixed include

15 years agolocal include of pfkeyv2.h and netlink.h
Andreas Steffen [Sun, 29 Apr 2007 19:23:56 +0000 (19:23 -0000)]
local include of pfkeyv2.h and netlink.h

15 years agoreverted to original header files
Andreas Steffen [Sun, 29 Apr 2007 18:19:02 +0000 (18:19 -0000)]
reverted to original header files

15 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:32:57 +0000 (21:32 -0000)]
actually not needed

15 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:19 +0000 (21:28 -0000)]
actually not needed

15 years agoactually not needed
Andreas Steffen [Sat, 28 Apr 2007 21:28:08 +0000 (21:28 -0000)]
actually not needed

15 years agoadded compiler.h filter.h in.h and udp.h to src/include/linux/
Andreas Steffen [Sat, 28 Apr 2007 21:18:56 +0000 (21:18 -0000)]
added compiler.h filter.h in.h and udp.h to src/include/linux/

15 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:23 +0000 (20:35 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

15 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:35:06 +0000 (20:35 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

15 years agoadded netlink.h and rtnetlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:33:19 +0000 (20:33 -0000)]
added netlink.h and rtnetlink.h to src/include/linux

15 years agomoved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux
Andreas Steffen [Sat, 28 Apr 2007 20:31:40 +0000 (20:31 -0000)]
moved linux26/rtnetlink.h and linux26/netlink.h to src/include/linux

15 years agoadded esp-alg-aesxcbc scenario
Andreas Steffen [Sat, 28 Apr 2007 20:01:06 +0000 (20:01 -0000)]
added esp-alg-aesxcbc scenario

15 years agofixed evaltest.dat
Andreas Steffen [Sat, 28 Apr 2007 20:00:39 +0000 (20:00 -0000)]
fixed evaltest.dat

15 years agocrlNumber is now listed by ipsec listcrls
Andreas Steffen [Fri, 27 Apr 2007 22:45:24 +0000 (22:45 -0000)]
crlNumber is now listed by ipsec listcrls

15 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:36:29 +0000 (22:36 -0000)]
list crlnumber

15 years agolist crlnumber
Andreas Steffen [Fri, 27 Apr 2007 22:27:22 +0000 (22:27 -0000)]
list crlnumber

15 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:04:08 +0000 (22:04 -0000)]
added crlNumber OID

15 years agoadded crlNumber OID
Andreas Steffen [Fri, 27 Apr 2007 22:03:46 +0000 (22:03 -0000)]
added crlNumber OID

15 years agogenerated new winnetou certificate
Andreas Steffen [Fri, 27 Apr 2007 21:41:27 +0000 (21:41 -0000)]
generated new winnetou certificate

15 years agoadded crlnumber
Andreas Steffen [Fri, 27 Apr 2007 21:41:07 +0000 (21:41 -0000)]
added crlnumber

15 years agoadded interface.h
Andreas Steffen [Fri, 27 Apr 2007 21:29:31 +0000 (21:29 -0000)]
added interface.h

15 years agofixed casting
Andreas Steffen [Fri, 27 Apr 2007 21:28:54 +0000 (21:28 -0000)]
fixed casting

15 years agoadded writeable_backend.h
Andreas Steffen [Fri, 27 Apr 2007 20:58:45 +0000 (20:58 -0000)]
added writeable_backend.h

15 years agofixed typo
Andreas Steffen [Fri, 27 Apr 2007 18:13:57 +0000 (18:13 -0000)]
fixed typo

15 years agoremoved dependencies from /usr/include/linux headers
Andreas Steffen [Fri, 27 Apr 2007 17:33:42 +0000 (17:33 -0000)]
removed dependencies from /usr/include/linux headers

15 years agocosmetics
Andreas Steffen [Fri, 27 Apr 2007 17:31:50 +0000 (17:31 -0000)]
cosmetics

15 years agoremoved dependencies on linux/types.h
Andreas Steffen [Fri, 27 Apr 2007 17:24:20 +0000 (17:24 -0000)]
removed dependencies on linux/types.h

15 years agorestructuring of configuration backends
Martin Willi [Fri, 27 Apr 2007 14:25:08 +0000 (14:25 -0000)]
restructuring of configuration backends
added propotypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP

15 years agoremoved eap sim config
Martin Willi [Fri, 27 Apr 2007 14:11:18 +0000 (14:11 -0000)]
removed eap sim config

15 years agoforcing proper autoload of af_key kernel module in charon
Martin Willi [Fri, 27 Apr 2007 07:43:42 +0000 (07:43 -0000)]
forcing proper autoload of af_key kernel module in charon

15 years agoupdated news
Martin Willi [Thu, 26 Apr 2007 07:58:50 +0000 (07:58 -0000)]
updated news

15 years agoupdated NEWS
Martin Willi [Thu, 26 Apr 2007 06:33:03 +0000 (06:33 -0000)]
updated NEWS

15 years agoxauth_modules.verify_secret() function now passes the connection name
Andreas Steffen [Wed, 25 Apr 2007 07:51:04 +0000 (07:51 -0000)]
xauth_modules.verify_secret() function now passes the connection name

15 years agoadded conn_name to xauth_module.verify_secret() function call
Andreas Steffen [Wed, 25 Apr 2007 07:00:16 +0000 (07:00 -0000)]
added conn_name to xauth_module.verify_secret() function call

15 years agoproperly checking received IDr as initiator
Martin Willi [Wed, 25 Apr 2007 06:06:13 +0000 (06:06 -0000)]
properly checking received IDr as initiator

15 years agoadded support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)
Martin Willi [Mon, 23 Apr 2007 13:00:20 +0000 (13:00 -0000)]
added support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc (>=linux-2.6.20)

15 years agofixed CHILD_SA proposal selection when not using DH exchange
Martin Willi [Mon, 23 Apr 2007 12:59:10 +0000 (12:59 -0000)]
fixed CHILD_SA proposal selection when not using DH exchange