strongswan.git
10 years agomaemo: Explicitly list the installed files.
Tobias Brunner [Tue, 8 Feb 2011 14:15:36 +0000 (15:15 +0100)]
maemo: Explicitly list the installed files.

This avoids packaging static libraries and .la files plus excludes man3
pages of libfreeswan.

10 years agomaemo: Use /usr/lib instead of /usr/libexec.
Tobias Brunner [Tue, 8 Feb 2011 14:14:48 +0000 (15:14 +0100)]
maemo: Use /usr/lib instead of /usr/libexec.

10 years agomaemo: Create DBUS service file with correct path to charon.
Tobias Brunner [Tue, 8 Feb 2011 14:13:15 +0000 (15:13 +0100)]
maemo: Create DBUS service file with correct path to charon.

10 years agomaemo: Fixed remake of strongswan package.
Tobias Brunner [Tue, 8 Feb 2011 14:04:06 +0000 (15:04 +0100)]
maemo: Fixed remake of strongswan package.

10 years agoFixed tnc-imc/imv library names when building monolithic
Martin Willi [Tue, 8 Feb 2011 10:22:02 +0000 (11:22 +0100)]
Fixed tnc-imc/imv library names when building monolithic

10 years agoCheck for libxml when building tnccs_11, use autoconf libxml CFLAGS/LIBS
Martin Willi [Tue, 8 Feb 2011 10:11:01 +0000 (11:11 +0100)]
Check for libxml when building tnccs_11, use autoconf libxml CFLAGS/LIBS

10 years agotnccs_11 does not link against libtls, just uses its headers
Martin Willi [Tue, 8 Feb 2011 10:09:27 +0000 (11:09 +0100)]
tnccs_11 does not link against libtls, just uses its headers

10 years agoWhitespace cleanups in tnc code
Martin Willi [Tue, 8 Feb 2011 09:56:06 +0000 (10:56 +0100)]
Whitespace cleanups in tnc code

10 years agoAdd a prefix to the global visible tnc names to avoid name clashes, move to tncifimv
Martin Willi [Tue, 8 Feb 2011 09:53:10 +0000 (10:53 +0100)]
Add a prefix to the global visible tnc names to avoid name clashes, move to tncifimv

10 years agoFixed compiler warning
Martin Willi [Tue, 8 Feb 2011 09:51:02 +0000 (10:51 +0100)]
Fixed compiler warning

10 years agotnccs_11 does not link to libtnc anymore
Martin Willi [Tue, 8 Feb 2011 09:44:08 +0000 (10:44 +0100)]
tnccs_11 does not link to libtnc anymore

10 years agoImplement correct signature for pb_tnc_msg->process()
Martin Willi [Tue, 8 Feb 2011 09:42:48 +0000 (10:42 +0100)]
Implement correct signature for pb_tnc_msg->process()

10 years agoFixed doxygen groups in libcharon tnc subtree
Martin Willi [Tue, 8 Feb 2011 09:18:42 +0000 (10:18 +0100)]
Fixed doxygen groups in libcharon tnc subtree

10 years agoFixed various doxygen errors in tnc plugins
Martin Willi [Tue, 8 Feb 2011 09:18:09 +0000 (10:18 +0100)]
Fixed various doxygen errors in tnc plugins

10 years agoFixed function parameter description
Martin Willi [Tue, 8 Feb 2011 09:14:56 +0000 (10:14 +0100)]
Fixed function parameter description

10 years agoadded ikev2/critical-extension scenario
Andreas Steffen [Tue, 8 Feb 2011 06:05:11 +0000 (07:05 +0100)]
added ikev2/critical-extension scenario

10 years agodefined OID_STRONGSWAN
Andreas Steffen [Mon, 7 Feb 2011 22:42:29 +0000 (23:42 +0100)]
defined OID_STRONGSWAN

10 years agouse DN from pkcs10 request if it exists
Andreas Steffen [Mon, 7 Feb 2011 22:41:54 +0000 (23:41 +0100)]
use DN from pkcs10 request if it exists

10 years agomaemo: New releases.
Tobias Brunner [Mon, 7 Feb 2011 15:14:12 +0000 (16:14 +0100)]
maemo: New releases.

10 years agomaemo: Build dependencies fixed.
Tobias Brunner [Mon, 7 Feb 2011 15:13:37 +0000 (16:13 +0100)]
maemo: Build dependencies fixed.

10 years agomaemo: Makefile target to build source-only packages.
Tobias Brunner [Mon, 7 Feb 2011 15:12:30 +0000 (16:12 +0100)]
maemo: Makefile target to build source-only packages.

10 years agoReport correct key size if a cipher is not supported
Martin Willi [Mon, 7 Feb 2011 15:38:54 +0000 (16:38 +0100)]
Report correct key size if a cipher is not supported

10 years agoremoved keyblobtoid.c from libfreeswan
Andreas Steffen [Mon, 7 Feb 2011 14:47:43 +0000 (15:47 +0100)]
removed keyblobtoid.c from libfreeswan

10 years agoremoved atosa.c and satoa.c from libfreeswan
Andreas Steffen [Mon, 7 Feb 2011 14:35:24 +0000 (15:35 +0100)]
removed atosa.c and satoa.c from libfreeswan

10 years agoremoved prng.c from libfreeswan
Andreas Steffen [Mon, 7 Feb 2011 14:19:06 +0000 (15:19 +0100)]
removed prng.c from libfreeswan

10 years agoRemoved empty man page for starter.
Tobias Brunner [Mon, 7 Feb 2011 10:37:12 +0000 (11:37 +0100)]
Removed empty man page for starter.

10 years agoRemoved useless man page for _copyright.
Tobias Brunner [Mon, 7 Feb 2011 10:28:44 +0000 (11:28 +0100)]
Removed useless man page for _copyright.

10 years agoSome typos fixed.
Tobias Brunner [Mon, 7 Feb 2011 10:13:27 +0000 (11:13 +0100)]
Some typos fixed.

10 years agoFixed whatis entry of pluto manpage.
Tobias Brunner [Mon, 7 Feb 2011 10:09:03 +0000 (11:09 +0100)]
Fixed whatis entry of pluto manpage.

10 years agoEscape - in manpages when used as minus sign.
Tobias Brunner [Mon, 7 Feb 2011 09:52:54 +0000 (10:52 +0100)]
Escape - in manpages when used as minus sign.

10 years agomaemo: Register with the GtkIconTheme "changed" signal not until the GUI is initialized.
Tobias Brunner [Mon, 7 Feb 2011 09:43:28 +0000 (10:43 +0100)]
maemo: Register with the GtkIconTheme "changed" signal not until the GUI is initialized.

10 years agointroduced libstrongswan.x509.enforce_critical parameter
Andreas Steffen [Sat, 5 Feb 2011 08:01:18 +0000 (09:01 +0100)]
introduced libstrongswan.x509.enforce_critical parameter

10 years agoversion bump to 4.5.1rc2
Andreas Steffen [Sat, 5 Feb 2011 07:59:36 +0000 (08:59 +0100)]
version bump to 4.5.1rc2

10 years agoProperly initialize variable 'critical'.
Tobias Brunner [Fri, 4 Feb 2011 17:01:47 +0000 (18:01 +0100)]
Properly initialize variable 'critical'.

10 years agomaemo: Moved package sources.
Tobias Brunner [Fri, 4 Feb 2011 17:01:10 +0000 (18:01 +0100)]
maemo: Moved package sources.

10 years agomaemo: Added Maemo specific patches for strongswan.conf.
Tobias Brunner [Fri, 4 Feb 2011 17:00:18 +0000 (18:00 +0100)]
maemo: Added Maemo specific patches for strongswan.conf.

10 years agomaemo: Use newer Debian source package format.
Tobias Brunner [Fri, 4 Feb 2011 16:59:31 +0000 (17:59 +0100)]
maemo: Use newer Debian source package format.

10 years agomaemo: Adding Makefiles to build Debian packages.
Tobias Brunner [Fri, 4 Feb 2011 16:58:55 +0000 (17:58 +0100)]
maemo: Adding Makefiles to build Debian packages.

10 years agomaemo: Move debian/ directory for applet to packages/.
Tobias Brunner [Fri, 4 Feb 2011 16:41:15 +0000 (17:41 +0100)]
maemo: Move debian/ directory for applet to packages/.

10 years agomaemo: Enable pluto and starter.
Tobias Brunner [Fri, 4 Feb 2011 11:52:40 +0000 (12:52 +0100)]
maemo: Enable pluto and starter.

10 years agomaemo: Added Maemo specific fields (including icons) to packages.
Tobias Brunner [Fri, 4 Feb 2011 11:51:53 +0000 (12:51 +0100)]
maemo: Added Maemo specific fields (including icons) to packages.

10 years agomaemo: Don't include debian files in distribution.
Tobias Brunner [Fri, 4 Feb 2011 11:50:38 +0000 (12:50 +0100)]
maemo: Don't include debian files in distribution.

10 years agomaemo: Package dependencies and descriptions changed.
Tobias Brunner [Fri, 4 Feb 2011 11:49:41 +0000 (12:49 +0100)]
maemo: Package dependencies and descriptions changed.

10 years agomaemo: Touch icon dir to trigger update event.
Tobias Brunner [Fri, 4 Feb 2011 11:39:07 +0000 (12:39 +0100)]
maemo: Touch icon dir to trigger update event.

10 years agomaemo: Listen for IKE_SA state changes insted of CHILD_SA state changes.
Tobias Brunner [Fri, 4 Feb 2011 11:36:28 +0000 (12:36 +0100)]
maemo: Listen for IKE_SA state changes insted of CHILD_SA state changes.

If the IKE_SA_INIT request fails, there is not yet a CHILD_SA that could
trigger state changes.

10 years agomaemo: Reload icons on icon theme change.
Tobias Brunner [Fri, 4 Feb 2011 11:34:26 +0000 (12:34 +0100)]
maemo: Reload icons on icon theme change.

This is also needed during the installation because the applet might be
loaded before the icons are installed (or the icon cache is refreshed).

10 years agomaemo: Adding some missing files (required by automake).
Tobias Brunner [Fri, 4 Feb 2011 11:33:22 +0000 (12:33 +0100)]
maemo: Adding some missing files (required by automake).

10 years agoReplace hashtable key if a put operation replaces value
Martin Willi [Thu, 3 Feb 2011 15:58:12 +0000 (16:58 +0100)]
Replace hashtable key if a put operation replaces value

Fixes a crash if lifetime of key is bound to value (i.e. key == value)

10 years agoFix check to increase hashtable size properly
Martin Willi [Thu, 3 Feb 2011 15:57:39 +0000 (16:57 +0100)]
Fix check to increase hashtable size properly

10 years agoInvoke the per-round authorize() hook before purging current auth info on IKE_SA
Martin Willi [Thu, 3 Feb 2011 12:31:11 +0000 (13:31 +0100)]
Invoke the per-round authorize() hook before purging current auth info on IKE_SA

10 years agoFilter out non-matching ike_cfg in backend manager, so backends don't have to
Martin Willi [Thu, 3 Feb 2011 09:03:36 +0000 (10:03 +0100)]
Filter out non-matching ike_cfg in backend manager, so backends don't have to

10 years agodisable INITIAL_CONTACT message by setting unigueids=no
Andreas Steffen [Wed, 2 Feb 2011 14:58:34 +0000 (15:58 +0100)]
disable INITIAL_CONTACT message by setting unigueids=no

10 years agoMigrated ike_auth to INIT/METHOD macros, fixes missing initial_contact initialization
Martin Willi [Wed, 2 Feb 2011 14:13:39 +0000 (15:13 +0100)]
Migrated ike_auth to INIT/METHOD macros, fixes missing initial_contact initialization

10 years agoAccept non-encrypted INFORMATIONALs for ME connectivity checks
Martin Willi [Tue, 1 Feb 2011 08:46:32 +0000 (09:46 +0100)]
Accept non-encrypted INFORMATIONALs for ME connectivity checks

10 years agoDo not use destroyed rng/hasher if IKE_SA has been flush()ed
Martin Willi [Thu, 20 Jan 2011 09:32:37 +0000 (10:32 +0100)]
Do not use destroyed rng/hasher if IKE_SA has been flush()ed

10 years agoAdd missing AUTH_RULE for trusted self-signed peer certificates
Martin Willi [Tue, 1 Feb 2011 08:24:42 +0000 (09:24 +0100)]
Add missing AUTH_RULE for trusted self-signed peer certificates

10 years agoload constraints plugin in ikev2/multi-level-ca-pathlen scenario
Andreas Steffen [Mon, 31 Jan 2011 13:46:16 +0000 (14:46 +0100)]
load constraints plugin in ikev2/multi-level-ca-pathlen scenario

10 years agofixed checking of unknown critical extensions in openssl_x509
Andreas Steffen [Mon, 31 Jan 2011 13:37:48 +0000 (14:37 +0100)]
fixed checking of unknown critical extensions in openssl_x509

10 years agoadapted some UML timings
Andreas Steffen [Mon, 31 Jan 2011 08:38:22 +0000 (09:38 +0100)]
adapted some UML timings

10 years agomove sleep into host start if statement
Andreas Steffen [Mon, 31 Jan 2011 07:18:34 +0000 (08:18 +0100)]
move sleep into host start if statement

10 years agofixed typo
Andreas Steffen [Mon, 31 Jan 2011 07:07:28 +0000 (08:07 +0100)]
fixed typo

10 years agoadded ikev2/rw-eap-tnc-dynamic scenario
Andreas Steffen [Mon, 31 Jan 2011 06:30:41 +0000 (07:30 +0100)]
added ikev2/rw-eap-tnc-dynamic scenario

10 years agoupdated testing.conf UML configuration file
Andreas Steffen [Mon, 31 Jan 2011 04:47:39 +0000 (05:47 +0100)]
updated testing.conf UML configuration file

10 years agoadditional UML configuration options
Andreas Steffen [Mon, 31 Jan 2011 04:47:05 +0000 (05:47 +0100)]
additional UML configuration options

10 years agoversion bump to strongswan-4.5.1rc1
Andreas Steffen [Mon, 31 Jan 2011 04:39:17 +0000 (05:39 +0100)]
version bump to strongswan-4.5.1rc1

10 years agoadded tnccs_dynamic plugin and tnccs_11 refactoring to NEWS
Andreas Steffen [Mon, 31 Jan 2011 04:37:41 +0000 (05:37 +0100)]
added tnccs_dynamic plugin and tnccs_11 refactoring to NEWS

10 years agoadded comment to determine_tnccs_protocol() function
Andreas Steffen [Mon, 31 Jan 2011 04:31:22 +0000 (05:31 +0100)]
added comment to determine_tnccs_protocol() function

10 years agoimplemented dynamic detection of TNCCS protocol
Andreas Steffen [Sun, 30 Jan 2011 23:59:01 +0000 (00:59 +0100)]
implemented dynamic detection of TNCCS protocol

10 years agoDo not log potentially hundreds of cert requests for unknown CAs at level 1
Martin Willi [Thu, 27 Jan 2011 08:14:53 +0000 (09:14 +0100)]
Do not log potentially hundreds of cert requests for unknown CAs at level 1

10 years agoUse wrapped threading functions in ha plugin
Martin Willi [Thu, 20 Jan 2011 14:52:29 +0000 (15:52 +0100)]
Use wrapped threading functions in ha plugin

10 years agoLoad load-tester plugin before kernel interfaces, fixes fake_kernel option
Martin Willi [Wed, 19 Jan 2011 15:43:00 +0000 (16:43 +0100)]
Load load-tester plugin before kernel interfaces, fixes fake_kernel option

10 years agoIncrease tls_writer buffer by at least 4 bytes
Martin Willi [Wed, 19 Jan 2011 13:41:59 +0000 (14:41 +0100)]
Increase tls_writer buffer by at least 4 bytes

10 years agoFix potential use after free
Thomas Egerer [Tue, 18 Jan 2011 14:59:35 +0000 (15:59 +0100)]
Fix potential use after free

10 years agoWhitelist gnutls init function
Martin Willi [Mon, 17 Jan 2011 12:32:45 +0000 (13:32 +0100)]
Whitelist gnutls init function

10 years agoImplemented an alternative HTTP fetcher based on libsoup
Martin Willi [Mon, 17 Jan 2011 12:27:18 +0000 (13:27 +0100)]
Implemented an alternative HTTP fetcher based on libsoup

10 years agoAdded simple fetcher tool to test fetcher implementations
Martin Willi [Mon, 17 Jan 2011 12:26:12 +0000 (13:26 +0100)]
Added simple fetcher tool to test fetcher implementations

10 years agobacktrace->contains_function takes multiple names, speeding up whitelist check drasti...
Martin Willi [Mon, 17 Jan 2011 12:23:57 +0000 (13:23 +0100)]
backtrace->contains_function takes multiple names, speeding up whitelist check drastically

10 years agoAdd some common glib non-leaks to whitelist
Martin Willi [Mon, 17 Jan 2011 12:23:00 +0000 (13:23 +0100)]
Add some common glib non-leaks to whitelist

10 years agoAdd missing va_end to va_start in curl_fetcher
Martin Willi [Mon, 17 Jan 2011 12:21:35 +0000 (13:21 +0100)]
Add missing va_end to va_start in curl_fetcher

10 years agoDo not pass an enum type to va_arg
Martin Willi [Mon, 17 Jan 2011 12:21:12 +0000 (13:21 +0100)]
Do not pass an enum type to va_arg

10 years agoUse newer Linux capability native API, if available
Martin Willi [Sat, 15 Jan 2011 15:24:58 +0000 (16:24 +0100)]
Use newer Linux capability native API, if available

10 years agoDo not install config files with user/group, as it might not exist on build machine
Martin Willi [Sat, 15 Jan 2011 15:24:19 +0000 (16:24 +0100)]
Do not install config files with user/group, as it might not exist on build machine

10 years agoCompare ending address in ts->equals, fixes redundant traffic selector elimination
Martin Willi [Fri, 14 Jan 2011 12:22:19 +0000 (13:22 +0100)]
Compare ending address in ts->equals, fixes redundant traffic selector elimination

10 years agoRevert "Send INITIAL_CONTACT even if we have a unique policy"
Martin Willi [Thu, 13 Jan 2011 09:50:46 +0000 (10:50 +0100)]
Revert "Send INITIAL_CONTACT even if we have a unique policy"

It makes sense to omit INITIAL_CONTACT if don't have a unique policy,
as a client might want to connect from different devices to the same
account.

This reverts commit 719c33b41a1f9fe9b2585df3e7aa804a760c361c.

10 years agoFixed memory cleanup if no DHCP transaction found for an OFFER
Martin Willi [Wed, 12 Jan 2011 14:17:08 +0000 (15:17 +0100)]
Fixed memory cleanup if no DHCP transaction found for an OFFER

10 years agoForce port update as responder when initiator switches to 4500 in IKE_AUTH
Martin Willi [Wed, 12 Jan 2011 12:54:46 +0000 (13:54 +0100)]
Force port update as responder when initiator switches to 4500 in IKE_AUTH

10 years agoAvoid variable name overloading
Martin Willi [Wed, 12 Jan 2011 12:54:13 +0000 (13:54 +0100)]
Avoid variable name overloading

10 years agoterminate TNCCS 1.1 connection after sending recommendation
Andreas Steffen [Mon, 10 Jan 2011 06:22:02 +0000 (07:22 +0100)]
terminate TNCCS 1.1 connection after sending recommendation

10 years agofixed XML syntax for TNCCS-Recommendation messages
Andreas Steffen [Mon, 10 Jan 2011 06:21:03 +0000 (07:21 +0100)]
fixed XML syntax for TNCCS-Recommendation messages

10 years agoimplemented check_and_build_recommendation()
Andreas Steffen [Mon, 10 Jan 2011 05:46:17 +0000 (06:46 +0100)]
implemented check_and_build_recommendation()

10 years agocorrect numbering of batches
Andreas Steffen [Mon, 10 Jan 2011 04:08:48 +0000 (05:08 +0100)]
correct numbering of batches

10 years agoinitialize the reference count correctly
Andreas Steffen [Mon, 10 Jan 2011 04:08:07 +0000 (05:08 +0100)]
initialize the reference count correctly

10 years agohandle zero size Base64 conversions
Andreas Steffen [Mon, 10 Jan 2011 04:06:59 +0000 (05:06 +0100)]
handle zero size Base64 conversions

10 years agocommunicate DELETE state to IMCs and IMVs
Andreas Steffen [Sun, 9 Jan 2011 22:27:43 +0000 (23:27 +0100)]
communicate DELETE state to IMCs and IMVs

10 years agoSend INITIAL_CONTACT even if we have a unique policy
Martin Willi [Mon, 10 Jan 2011 10:54:10 +0000 (11:54 +0100)]
Send INITIAL_CONTACT even if we have a unique policy

10 years agoimplemented parsing of TNCCS 1.1 messages
Andreas Steffen [Sun, 9 Jan 2011 09:00:54 +0000 (10:00 +0100)]
implemented parsing of TNCCS 1.1 messages

10 years agosend notifyConnectionChange() to IMCs
Andreas Steffen [Sun, 9 Jan 2011 09:00:13 +0000 (10:00 +0100)]
send notifyConnectionChange() to IMCs

10 years agosuiteb directory hasn't been moved to Master yet
Andreas Steffen [Sat, 8 Jan 2011 01:17:14 +0000 (02:17 +0100)]
suiteb directory hasn't been moved to Master yet

10 years agogenerate TNCCS-Error messages
Andreas Steffen [Sat, 8 Jan 2011 01:16:14 +0000 (02:16 +0100)]
generate TNCCS-Error messages

10 years agocreated process() method for TNCCS messages
Andreas Steffen [Sat, 8 Jan 2011 01:15:10 +0000 (02:15 +0100)]
created process() method for TNCCS messages