strongswan.git
13 years agoremoved in favour of tests from NAT team
Martin Willi [Thu, 13 Jul 2006 12:00:36 +0000 (12:00 -0000)]
removed in favour of tests from NAT team

13 years agofixed CREATE_CHILD_SA transaction dispatching
Martin Willi [Thu, 13 Jul 2006 08:51:24 +0000 (08:51 -0000)]
fixed CREATE_CHILD_SA transaction dispatching

13 years agoadded CHILD_SA states, which allows us to detect further simultaneous transactions
Martin Willi [Thu, 13 Jul 2006 08:26:54 +0000 (08:26 -0000)]
added CHILD_SA states, which allows us to detect further simultaneous transactions
reimplemented the buggy message id handling

13 years agoupdated some inline docs
Martin Willi [Wed, 12 Jul 2006 14:08:52 +0000 (14:08 -0000)]
updated some inline docs

13 years agofixed crypter/signer in/out to conform with standard
Martin Willi [Wed, 12 Jul 2006 14:08:13 +0000 (14:08 -0000)]
fixed crypter/signer in/out to conform with standard

13 years agofixed payload order
Martin Willi [Wed, 12 Jul 2006 14:07:30 +0000 (14:07 -0000)]
fixed payload order

13 years agoadded message id logging
Martin Willi [Wed, 12 Jul 2006 14:06:25 +0000 (14:06 -0000)]
added message id logging

13 years agoadded all currently known notify payload types
Martin Willi [Wed, 12 Jul 2006 14:05:57 +0000 (14:05 -0000)]
added all currently known notify payload types

13 years agoadded policy cache to kernel interface
Martin Willi [Wed, 12 Jul 2006 11:42:36 +0000 (11:42 -0000)]
added policy cache to kernel interface
allows refcounting of multiple installed policies
finally brings us stable simultaneous rekeying

13 years agoleak detective blanks memory on free & alloc, allows further membug detection
Martin Willi [Wed, 12 Jul 2006 11:15:31 +0000 (11:15 -0000)]
leak detective blanks memory on free & alloc, allows further membug detection

13 years agocode cleanups
Martin Willi [Wed, 12 Jul 2006 11:13:48 +0000 (11:13 -0000)]
code cleanups

13 years agoidentification_t.matches() supports multiple wildcard counts
Andreas Steffen [Tue, 11 Jul 2006 06:12:45 +0000 (06:12 -0000)]
identification_t.matches() supports multiple wildcard counts

13 years agoidentification_t.matches() supports multiple wildcard counts
Andreas Steffen [Tue, 11 Jul 2006 06:11:59 +0000 (06:11 -0000)]
identification_t.matches() supports multiple wildcard counts

13 years agofurther work done for simultaneous rekeying/delete
Martin Willi [Mon, 10 Jul 2006 14:24:04 +0000 (14:24 -0000)]
further work done for simultaneous rekeying/delete
still some cases which cause trouble

13 years agofixed compiler warnings in parser when using -O2
Martin Willi [Fri, 7 Jul 2006 12:48:27 +0000 (12:48 -0000)]
fixed compiler warnings in parser when using -O2

13 years agoreenabled check_expiry
Martin Willi [Fri, 7 Jul 2006 12:25:25 +0000 (12:25 -0000)]
reenabled check_expiry

13 years agoupdated copyright information
Martin Willi [Fri, 7 Jul 2006 08:49:06 +0000 (08:49 -0000)]
updated copyright information

13 years agoreimplemented CHILD_SA rekeying & delete
Martin Willi [Fri, 7 Jul 2006 07:04:07 +0000 (07:04 -0000)]
reimplemented CHILD_SA rekeying & delete
no simultanous transaction with CHILD_SAs yet!

13 years agoremoved NAT_TRAVERSAL and VIRTUAL_IP compile options
Andreas Steffen [Fri, 7 Jul 2006 05:51:54 +0000 (05:51 -0000)]
removed NAT_TRAVERSAL and VIRTUAL_IP compile options

13 years agoremoved NAT_TRAVERSAL compile option
Andreas Steffen [Fri, 7 Jul 2006 05:51:20 +0000 (05:51 -0000)]
removed NAT_TRAVERSAL compile option

13 years agoremoved NAT_TRAVERSAL and VIRTUAL_IP compile options
Andreas Steffen [Fri, 7 Jul 2006 05:50:02 +0000 (05:50 -0000)]
removed NAT_TRAVERSAL and VIRTUAL_IP compile options

13 years agoadded
Andreas Steffen [Fri, 7 Jul 2006 05:44:45 +0000 (05:44 -0000)]
added

13 years agoupdated NEWS
Martin Willi [Wed, 5 Jul 2006 14:13:45 +0000 (14:13 -0000)]
updated NEWS

13 years agoadded support for leftprotoport and rightprotoport
Martin Willi [Wed, 5 Jul 2006 13:13:07 +0000 (13:13 -0000)]
added support for leftprotoport and rightprotoport

13 years agoimproved CHILD_SA output for "ipsec statusall"
Martin Willi [Wed, 5 Jul 2006 13:11:55 +0000 (13:11 -0000)]
improved CHILD_SA output for "ipsec statusall"

13 years agoupdated whitelist (getprotobynumber)
Martin Willi [Wed, 5 Jul 2006 13:10:47 +0000 (13:10 -0000)]
updated whitelist (getprotobynumber)

13 years agoredesigned IKE_SA using a transaction mechanism:
Martin Willi [Wed, 5 Jul 2006 10:53:20 +0000 (10:53 -0000)]
redesigned IKE_SA using a transaction mechanism:
  removed old state machine
  reimplemented IKE_SA setup and delete
  implemented dead peer detection
  implemented keep-alives
  a lot of fixes
  no rekeying yet

13 years agofixed compiler warnings
Martin Willi [Wed, 5 Jul 2006 10:09:42 +0000 (10:09 -0000)]
fixed compiler warnings

13 years agomade thread ids unsigned again, to avoid negative thread ids on some systems
Martin Willi [Tue, 4 Jul 2006 13:30:49 +0000 (13:30 -0000)]
made thread ids unsigned again, to avoid negative thread ids on some systems

13 years agofixed memleak when initiating a connection already up
Martin Willi [Tue, 4 Jul 2006 13:29:16 +0000 (13:29 -0000)]
fixed memleak when initiating a connection already up

13 years agoupdated leak detective whitelist
Martin Willi [Tue, 4 Jul 2006 13:26:20 +0000 (13:26 -0000)]
updated leak detective whitelist

13 years agoapplied latest NATT patch with some fixes and cleanups
Martin Willi [Tue, 4 Jul 2006 13:25:00 +0000 (13:25 -0000)]
applied latest NATT patch with some fixes and cleanups

13 years agotest currently without firewall
Andreas Steffen [Tue, 4 Jul 2006 06:54:53 +0000 (06:54 -0000)]
test currently without firewall

13 years agoadded
Andreas Steffen [Tue, 4 Jul 2006 06:51:58 +0000 (06:51 -0000)]
added

13 years agoadded
Andreas Steffen [Tue, 4 Jul 2006 06:13:54 +0000 (06:13 -0000)]
added

13 years agoadded
Andreas Steffen [Tue, 4 Jul 2006 06:13:33 +0000 (06:13 -0000)]
added

13 years agoremoved
Andreas Steffen [Tue, 4 Jul 2006 06:13:07 +0000 (06:13 -0000)]
removed

13 years agoremoved version information from ipsec.conf
Andreas Steffen [Tue, 4 Jul 2006 06:12:10 +0000 (06:12 -0000)]
removed version information from ipsec.conf

13 years agolog entries start with lowcercase character
Andreas Steffen [Tue, 4 Jul 2006 06:11:35 +0000 (06:11 -0000)]
log entries start with lowcercase character

13 years agorestored lost IKEv2 packet suppression
Andreas Steffen [Mon, 3 Jul 2006 14:39:57 +0000 (14:39 -0000)]
restored lost IKEv2 packet suppression

13 years agoadded USE_LEAK_DETECTIVE option
Andreas Steffen [Mon, 3 Jul 2006 08:36:47 +0000 (08:36 -0000)]
added USE_LEAK_DETECTIVE option

13 years agofixed natd_hash memory leak
Andreas Steffen [Mon, 3 Jul 2006 08:34:34 +0000 (08:34 -0000)]
fixed natd_hash memory leak

13 years agotests with subdirectory structure
Andreas Steffen [Mon, 3 Jul 2006 07:11:30 +0000 (07:11 -0000)]
tests with subdirectory structure

13 years agoremoved tests
Andreas Steffen [Mon, 3 Jul 2006 07:10:25 +0000 (07:10 -0000)]
removed tests

13 years agointroduced subdirectory structure
Andreas Steffen [Mon, 3 Jul 2006 07:10:17 +0000 (07:10 -0000)]
introduced subdirectory structure

13 years agosupport of cert payloads
Andreas Steffen [Mon, 3 Jul 2006 06:27:45 +0000 (06:27 -0000)]
support of cert payloads

13 years agolowercase log entries
Andreas Steffen [Mon, 3 Jul 2006 06:26:06 +0000 (06:26 -0000)]
lowercase log entries

13 years agodistributed by ITA
Andreas Steffen [Mon, 3 Jul 2006 06:24:54 +0000 (06:24 -0000)]
distributed by ITA

13 years agoadded support of updown parameter
Andreas Steffen [Mon, 3 Jul 2006 06:22:43 +0000 (06:22 -0000)]
added support of updown parameter

13 years agogeneration of default key
Andreas Steffen [Mon, 3 Jul 2006 06:21:56 +0000 (06:21 -0000)]
generation of default key

13 years agocosmetics
Andreas Steffen [Mon, 3 Jul 2006 06:21:40 +0000 (06:21 -0000)]
cosmetics

13 years agoadded support of updown parameter
Andreas Steffen [Mon, 3 Jul 2006 06:21:14 +0000 (06:21 -0000)]
added support of updown parameter

13 years agoversion bump to 4.0.2
Andreas Steffen [Wed, 28 Jun 2006 11:09:14 +0000 (11:09 -0000)]
version bump to 4.0.2

13 years agoadded X.509 trust chain verification
Andreas Steffen [Tue, 27 Jun 2006 08:48:28 +0000 (08:48 -0000)]
added X.509 trust chain verification

13 years agoversion bump to 4.0.2
Andreas Steffen [Tue, 27 Jun 2006 08:47:03 +0000 (08:47 -0000)]
version bump to 4.0.2

13 years agoESP packet size changed
Andreas Steffen [Tue, 27 Jun 2006 07:08:37 +0000 (07:08 -0000)]
ESP packet size changed

13 years agofixed bad_proposal_syntax bug
Andreas Steffen [Tue, 27 Jun 2006 07:07:44 +0000 (07:07 -0000)]
fixed bad_proposal_syntax bug

13 years agoapplied new changes from NATT team
Martin Willi [Fri, 23 Jun 2006 14:02:30 +0000 (14:02 -0000)]
applied new changes from NATT team
DPD only done when no IPsec and IKE traffic processed
minor changes here and there

13 years agosome message code cleanups
Martin Willi [Fri, 23 Jun 2006 14:00:15 +0000 (14:00 -0000)]
some message code cleanups

13 years agofixed identification_t clone to apply function pointers
Martin Willi [Fri, 23 Jun 2006 13:20:17 +0000 (13:20 -0000)]
fixed identification_t clone to apply function pointers

13 years agocleaner error handling on UDP encapsultion sockopt failure
Martin Willi [Thu, 22 Jun 2006 13:05:15 +0000 (13:05 -0000)]
cleaner error handling on UDP encapsultion sockopt failure

13 years agoadded mysterious UDP encapsulation socket option to get encapsulation working
Martin Willi [Thu, 22 Jun 2006 12:57:49 +0000 (12:57 -0000)]
added mysterious UDP encapsulation socket option to get encapsulation working

13 years agofixed BAD_PROPOSAL_SYNTAX vulnerability
Andreas Steffen [Thu, 22 Jun 2006 12:16:12 +0000 (12:16 -0000)]
fixed BAD_PROPOSAL_SYNTAX vulnerability

13 years agofirst merge of NATT code
Martin Willi [Thu, 22 Jun 2006 06:36:28 +0000 (06:36 -0000)]
first merge of NATT code

13 years agofixed testing build 4.0.1
Martin Willi [Wed, 21 Jun 2006 12:58:02 +0000 (12:58 -0000)]
fixed testing build

13 years agoupdated for 4.0.1 release
Martin Willi [Wed, 21 Jun 2006 12:14:40 +0000 (12:14 -0000)]
updated for 4.0.1 release

13 years agoupdated news for 4.0.1 release
Martin Willi [Wed, 21 Jun 2006 12:11:29 +0000 (12:11 -0000)]
updated news for 4.0.1 release

13 years agofixed whitelist detection
Martin Willi [Tue, 20 Jun 2006 11:03:47 +0000 (11:03 -0000)]
fixed whitelist detection

13 years agoreworked function ignore mechanism to not-report whitelist
Martin Willi [Tue, 20 Jun 2006 10:05:56 +0000 (10:05 -0000)]
reworked function ignore mechanism to not-report whitelist
  rather than overriding functions

13 years agofixed execv call args to work when using strictcrl and syslog
Martin Willi [Tue, 20 Jun 2006 10:04:35 +0000 (10:04 -0000)]
fixed execv call args to work when using strictcrl and syslog

13 years agofixed bug: usage of already freed mem
Martin Willi [Tue, 20 Jun 2006 09:53:25 +0000 (09:53 -0000)]
fixed bug: usage of already freed mem

13 years agoreadded local_credential_store
Martin Willi [Tue, 20 Jun 2006 08:43:57 +0000 (08:43 -0000)]
readded local_credential_store
added sendcert policy to connection
some other cleanups

13 years agoimplemented rereadcrls rereadcacerts
Andreas Steffen [Tue, 20 Jun 2006 06:08:33 +0000 (06:08 -0000)]
implemented rereadcrls rereadcacerts

13 years agoimplemented rereadcrls rereadcacerts
Andreas Steffen [Tue, 20 Jun 2006 06:07:37 +0000 (06:07 -0000)]
implemented rereadcrls rereadcacerts

13 years agoimplemented rereadcrls rereadcacerts
Andreas Steffen [Tue, 20 Jun 2006 06:05:01 +0000 (06:05 -0000)]
implemented rereadcrls rereadcacerts

13 years agoremoved local_credential_store
Andreas Steffen [Tue, 20 Jun 2006 05:57:52 +0000 (05:57 -0000)]
removed local_credential_store

13 years agofixed SPI when acting as initiator of rekeying
Martin Willi [Mon, 19 Jun 2006 09:27:14 +0000 (09:27 -0000)]
fixed SPI when acting as initiator of rekeying

13 years agofixed SPI when rekeying and deleting CHILD_SAs
Martin Willi [Mon, 19 Jun 2006 08:54:19 +0000 (08:54 -0000)]
fixed SPI when rekeying and deleting CHILD_SAs

13 years agochange key derivation order to fullfill RFC
Martin Willi [Mon, 19 Jun 2006 08:11:42 +0000 (08:11 -0000)]
change key derivation order to fullfill RFC

13 years ago(no commit message)
Martin Willi [Fri, 16 Jun 2006 14:10:49 +0000 (14:10 -0000)]

13 years agoadded crl support
Andreas Steffen [Fri, 16 Jun 2006 05:55:30 +0000 (05:55 -0000)]
added crl support

13 years agoadded listcrls
Andreas Steffen [Fri, 16 Jun 2006 05:55:02 +0000 (05:55 -0000)]
added listcrls

13 years agoadded chunk_equals_or_null()
Andreas Steffen [Fri, 16 Jun 2006 05:53:47 +0000 (05:53 -0000)]
added chunk_equals_or_null()

13 years agoadded crl support
Andreas Steffen [Fri, 16 Jun 2006 05:52:52 +0000 (05:52 -0000)]
added crl support

13 years agochanged tabs from 8 to 4 spaces
Andreas Steffen [Fri, 16 Jun 2006 05:52:26 +0000 (05:52 -0000)]
changed tabs from 8 to 4 spaces

13 years agoadded crl support
Andreas Steffen [Fri, 16 Jun 2006 05:51:36 +0000 (05:51 -0000)]
added crl support

13 years agocosmetics
Andreas Steffen [Fri, 16 Jun 2006 05:51:16 +0000 (05:51 -0000)]
cosmetics

13 years agocosmetics (space)
Andreas Steffen [Fri, 16 Jun 2006 05:50:28 +0000 (05:50 -0000)]
cosmetics (space)

13 years agofixed compilation error
Martin Willi [Thu, 15 Jun 2006 13:41:06 +0000 (13:41 -0000)]
fixed compilation error

13 years agoupdated for release
Martin Willi [Thu, 15 Jun 2006 13:23:06 +0000 (13:23 -0000)]
updated for release

13 years agofixed aes code, we support now aes128, aes192, aes256 in IKE
Martin Willi [Thu, 15 Jun 2006 13:14:09 +0000 (13:14 -0000)]
fixed aes code, we support now aes128, aes192, aes256 in IKE

13 years agoadded support for "ike" and "esp" keywords
Martin Willi [Thu, 15 Jun 2006 11:09:11 +0000 (11:09 -0000)]
added support for "ike" and "esp" keywords
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes

13 years agoimplemented clean spi allocation behavior when using multiple proposals
Martin Willi [Thu, 15 Jun 2006 11:06:22 +0000 (11:06 -0000)]
implemented clean spi allocation behavior when using multiple proposals

13 years agofixed logleve(l) keyword typo
Martin Willi [Thu, 15 Jun 2006 11:03:41 +0000 (11:03 -0000)]
fixed logleve(l) keyword typo

13 years agohandling of "rekey=no" parameter added
Martin Willi [Thu, 15 Jun 2006 11:02:15 +0000 (11:02 -0000)]
handling of "rekey=no" parameter added

13 years agochanged default algorithms to:
Martin Willi [Thu, 15 Jun 2006 11:01:17 +0000 (11:01 -0000)]
changed default algorithms to:
  ike: aes128-sha-modp2048
  esp: aes128-sha1, 3des-md5

13 years agoadded default CRL directory path
Andreas Steffen [Wed, 14 Jun 2006 12:44:12 +0000 (12:44 -0000)]
added default CRL directory path

13 years agoadded strictcrlpolicy command line argument
Andreas Steffen [Wed, 14 Jun 2006 12:43:51 +0000 (12:43 -0000)]
added strictcrlpolicy command line argument

13 years agoadded option parsing
Andreas Steffen [Wed, 14 Jun 2006 12:42:36 +0000 (12:42 -0000)]
added option parsing

13 years agoadded local CRLs
Andreas Steffen [Wed, 14 Jun 2006 12:41:37 +0000 (12:41 -0000)]
added local CRLs