strongswan.git
14 years agofixed auxillary message data parsing for IPV6 socket
Martin Willi [Mon, 9 Oct 2006 12:28:43 +0000 (12:28 -0000)]
fixed auxillary message data parsing for IPV6 socket
using SOL_* constants for socket level

14 years agofixed IPV6_PKTINFO setsockopt() to work with most kernel headers
Martin Willi [Mon, 9 Oct 2006 12:14:56 +0000 (12:14 -0000)]
fixed IPV6_PKTINFO setsockopt() to work with most kernel headers
replaced strerror(errno) with %m printf specifier

14 years agoadded stronger certs for moon, carol, and dave
Andreas Steffen [Mon, 9 Oct 2006 08:25:20 +0000 (08:25 -0000)]
added stronger certs for moon, carol, and dave

14 years agoadded IPv6 hw and multicast addresses
Andreas Steffen [Mon, 9 Oct 2006 08:24:49 +0000 (08:24 -0000)]
added IPv6 hw and multicast addresses

14 years agoadapted to new tcpdump ipv6 output
Andreas Steffen [Mon, 9 Oct 2006 08:23:38 +0000 (08:23 -0000)]
adapted to new tcpdump ipv6 output

14 years agomulti-level-ca scenarios use unencrypted private key
Andreas Steffen [Mon, 9 Oct 2006 08:23:11 +0000 (08:23 -0000)]
multi-level-ca scenarios use unencrypted private key

14 years agoadded scenario
Andreas Steffen [Mon, 9 Oct 2006 08:20:01 +0000 (08:20 -0000)]
added scenario

14 years agofixed timing
Andreas Steffen [Fri, 6 Oct 2006 07:57:25 +0000 (07:57 -0000)]
fixed timing

14 years agonew gentoo root file system
Andreas Steffen [Fri, 6 Oct 2006 07:54:07 +0000 (07:54 -0000)]
new gentoo root file system

14 years agofixed bug with openldap 2.3
Andreas Steffen [Fri, 6 Oct 2006 07:48:24 +0000 (07:48 -0000)]
fixed bug with openldap 2.3

14 years agoremoved ipsec.conf version information
Andreas Steffen [Fri, 6 Oct 2006 07:47:11 +0000 (07:47 -0000)]
removed ipsec.conf version information

14 years agocarolKey.pem is now protected by 3DES passphrase
Andreas Steffen [Fri, 6 Oct 2006 07:45:42 +0000 (07:45 -0000)]
carolKey.pem is now protected by 3DES passphrase

14 years agoupdated net runlevel scripts
Andreas Steffen [Fri, 6 Oct 2006 07:43:31 +0000 (07:43 -0000)]
updated net runlevel scripts

14 years agoupdated net init scripts
Andreas Steffen [Fri, 6 Oct 2006 07:42:17 +0000 (07:42 -0000)]
updated net init scripts

14 years agonew net configuration format
Andreas Steffen [Fri, 6 Oct 2006 07:40:39 +0000 (07:40 -0000)]
new net configuration format

14 years agoHW addresses must be predefined
Andreas Steffen [Fri, 6 Oct 2006 07:32:02 +0000 (07:32 -0000)]
HW addresses must be predefined

14 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:24:41 +0000 (07:24 -0000)]
cosmetics

14 years agoadded USE_LIBCURL
Andreas Steffen [Fri, 6 Oct 2006 07:24:05 +0000 (07:24 -0000)]
added USE_LIBCURL

14 years agocosmetics
Andreas Steffen [Fri, 6 Oct 2006 07:23:39 +0000 (07:23 -0000)]
cosmetics

14 years agofound libraries are not appended to LIBS anymore
Andreas Steffen [Fri, 6 Oct 2006 07:22:38 +0000 (07:22 -0000)]
found libraries are not appended to LIBS anymore

14 years agoversion bump to 4.0.5
Andreas Steffen [Tue, 3 Oct 2006 06:52:31 +0000 (06:52 -0000)]
version bump to 4.0.5

14 years agofixed DPD to survive IKE_SA rekeying
Martin Willi [Thu, 28 Sep 2006 06:57:46 +0000 (06:57 -0000)]
fixed DPD to survive IKE_SA rekeying

14 years ago(no commit message)
Martin Willi [Wed, 27 Sep 2006 14:15:49 +0000 (14:15 -0000)]

14 years agointroduced printf() specifiers for:
Martin Willi [Wed, 27 Sep 2006 14:14:44 +0000 (14:14 -0000)]
introduced printf() specifiers for:
  host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there

14 years agoadded often used RFCs and drafts
Martin Willi [Wed, 27 Sep 2006 14:10:32 +0000 (14:10 -0000)]
added often used RFCs and drafts

14 years agoDES for private key encryption is not supported
Andreas Steffen [Mon, 25 Sep 2006 07:31:02 +0000 (07:31 -0000)]
DES for private key encryption is not supported

14 years agoupdated NEWS and ChangeLog for 4.0.4 release
Martin Willi [Mon, 25 Sep 2006 07:26:16 +0000 (07:26 -0000)]
updated NEWS and ChangeLog for 4.0.4 release

14 years agofixed retransmission policy for responder
Martin Willi [Mon, 25 Sep 2006 07:24:08 +0000 (07:24 -0000)]
fixed retransmission policy for responder

14 years agofixed dpd for responder
Martin Willi [Mon, 25 Sep 2006 06:38:58 +0000 (06:38 -0000)]
fixed dpd for responder

14 years agoadded ID_ANY check to matches_binary()
Andreas Steffen [Mon, 25 Sep 2006 06:19:40 +0000 (06:19 -0000)]
added ID_ANY check to matches_binary()

14 years agoreplaced 'missing value' warning by zero length chunk_t value
Andreas Steffen [Mon, 25 Sep 2006 06:18:45 +0000 (06:18 -0000)]
replaced 'missing value' warning by zero length chunk_t value

14 years agodefined maximum hash size
Andreas Steffen [Mon, 25 Sep 2006 06:15:57 +0000 (06:15 -0000)]
defined maximum hash size

14 years agosupport of AES-192-CBC private key encryption
Andreas Steffen [Mon, 25 Sep 2006 06:13:21 +0000 (06:13 -0000)]
support of AES-192-CBC private key encryption

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:12:22 +0000 (06:12 -0000)]
added hostaccess support

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:11:36 +0000 (06:11 -0000)]
added hostaccess support

14 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 06:11:09 +0000 (06:11 -0000)]
moved auth_method to policy

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:28 +0000 (06:10 -0000)]
added hostaccess support

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 06:10:02 +0000 (06:10 -0000)]
added hostaccess support

14 years agomore consistent authentication logging
Andreas Steffen [Mon, 25 Sep 2006 05:59:38 +0000 (05:59 -0000)]
more consistent authentication logging

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:58:45 +0000 (05:58 -0000)]
added hostaccess support

14 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:50 +0000 (05:52 -0000)]
moved auth_method to policy

14 years agomoved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:52:13 +0000 (05:52 -0000)]
moved auth_method to policy

14 years agoadded hostaccess support; moved auth_method to policy
Andreas Steffen [Mon, 25 Sep 2006 05:51:16 +0000 (05:51 -0000)]
added hostaccess support; moved auth_method to policy

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:49:36 +0000 (05:49 -0000)]
added hostaccess support

14 years agoadded hostaccess support
Andreas Steffen [Mon, 25 Sep 2006 05:46:56 +0000 (05:46 -0000)]
added hostaccess support

14 years agoadded new test scenarios
Andreas Steffen [Mon, 25 Sep 2006 05:42:13 +0000 (05:42 -0000)]
added new test scenarios

14 years agofixed some compiler warnings 4.0.4
Martin Willi [Thu, 21 Sep 2006 09:17:13 +0000 (09:17 -0000)]
fixed some compiler warnings

14 years agoextended statusall output
Martin Willi [Thu, 21 Sep 2006 07:03:21 +0000 (07:03 -0000)]
extended statusall output
  added job/event-queue statistics
  added allocation statistics when using LEAK_DETECTIVE

14 years agofixed include typo
Martin Willi [Thu, 21 Sep 2006 05:55:07 +0000 (05:55 -0000)]
fixed include typo

14 years agopublic declaration of all HASH_SIZEs in hasher.h
Martin Willi [Wed, 20 Sep 2006 06:45:19 +0000 (06:45 -0000)]
public declaration of all HASH_SIZEs in hasher.h

14 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:54 +0000 (05:48 -0000)]
support of encrypted private key files

14 years agosupport of encrypted private key files
Andreas Steffen [Wed, 20 Sep 2006 05:48:27 +0000 (05:48 -0000)]
support of encrypted private key files

14 years agoadded copyright notice to sha2_hasher
Martin Willi [Tue, 19 Sep 2006 14:54:01 +0000 (14:54 -0000)]
added copyright notice to sha2_hasher
included SHA2 in build process

14 years agoimplemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512
Martin Willi [Tue, 19 Sep 2006 14:49:47 +0000 (14:49 -0000)]
implemented sha2_hasher which supports SHA-256, SHA-384 and SHA-512

14 years agoadded support for 3DES encryption algorithm in IKE
Martin Willi [Tue, 19 Sep 2006 11:18:35 +0000 (11:18 -0000)]
added support for 3DES encryption algorithm in IKE

14 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:17:06 +0000 (06:17 -0000)]
fixed the ids parsing bug

14 years agofixed the ids parsing bug
Andreas Steffen [Tue, 19 Sep 2006 06:16:48 +0000 (06:16 -0000)]
fixed the ids parsing bug

14 years agoupdated TODOs
Martin Willi [Mon, 18 Sep 2006 11:41:04 +0000 (11:41 -0000)]
updated TODOs

14 years agofixed memleak
Martin Willi [Mon, 18 Sep 2006 11:39:53 +0000 (11:39 -0000)]
fixed memleak
fixed proper handling of id parsing errors
proper return value when no PSK found

14 years agoadded HOST_ACCESS for firewall script as default
Martin Willi [Mon, 18 Sep 2006 11:38:37 +0000 (11:38 -0000)]
added HOST_ACCESS for firewall script as default

14 years agomore debugging output for PSK authentication
Martin Willi [Mon, 18 Sep 2006 11:38:11 +0000 (11:38 -0000)]
more debugging output for PSK authentication

14 years agosome cleanups here and there
Martin Willi [Mon, 18 Sep 2006 11:37:40 +0000 (11:37 -0000)]
some cleanups here and there

14 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:46:16 +0000 (07:46 -0000)]
added auth_method field

14 years agoadded auth_method field
Andreas Steffen [Mon, 18 Sep 2006 07:45:16 +0000 (07:45 -0000)]
added auth_method field

14 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:44:41 +0000 (07:44 -0000)]
cosmetics

14 years agoverify_emsa_pkcs1_signature returns status_t
Andreas Steffen [Mon, 18 Sep 2006 07:44:16 +0000 (07:44 -0000)]
verify_emsa_pkcs1_signature returns status_t

14 years agocosmetics
Andreas Steffen [Mon, 18 Sep 2006 07:43:44 +0000 (07:43 -0000)]
cosmetics

14 years agoadded PSK support
Andreas Steffen [Mon, 18 Sep 2006 07:42:57 +0000 (07:42 -0000)]
added PSK support

14 years agoenabled firewall support
Andreas Steffen [Mon, 18 Sep 2006 07:41:54 +0000 (07:41 -0000)]
enabled firewall support

14 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:22 +0000 (07:41 -0000)]
added

14 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:41:09 +0000 (07:41 -0000)]
added

14 years agoadded
Andreas Steffen [Mon, 18 Sep 2006 07:40:37 +0000 (07:40 -0000)]
added

14 years agoproper error handling for socket creation
Martin Willi [Mon, 18 Sep 2006 06:44:38 +0000 (06:44 -0000)]
proper error handling for socket creation

14 years agohandle certificate parsing error more generous
Martin Willi [Thu, 14 Sep 2006 13:14:58 +0000 (13:14 -0000)]
handle certificate parsing error more generous

14 years agofixed certificate verification bug!
Martin Willi [Thu, 14 Sep 2006 12:22:08 +0000 (12:22 -0000)]
fixed certificate verification bug!

14 years agofixed memleak when receiving invalid certificate
Martin Willi [Thu, 14 Sep 2006 12:15:41 +0000 (12:15 -0000)]
fixed memleak when receiving invalid certificate

14 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:47:21 +0000 (06:47 -0000)]
version bump to 4.0.4

14 years agoversion bump to 4.0.4
Andreas Steffen [Thu, 14 Sep 2006 06:45:16 +0000 (06:45 -0000)]
version bump to 4.0.4

14 years agotwo new test scenarios
Andreas Steffen [Thu, 14 Sep 2006 06:39:14 +0000 (06:39 -0000)]
two new test scenarios

14 years agofixed path to images directory
Andreas Steffen [Thu, 14 Sep 2006 06:38:50 +0000 (06:38 -0000)]
fixed path to images directory

14 years agoimplemented updown script to handle firewalling
Martin Willi [Tue, 12 Sep 2006 13:50:14 +0000 (13:50 -0000)]
implemented updown script to handle firewalling

14 years agoadd priority management for kernel policy
Martin Willi [Fri, 8 Sep 2006 13:10:52 +0000 (13:10 -0000)]
add priority management for kernel policy
let ROUTED policies installed, until manuall removed
introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs
ike_sa_manager cleanups

14 years agoimplemented handling of dpdaction and dpddelay ipsec.conf parameters
Martin Willi [Fri, 8 Sep 2006 06:12:02 +0000 (06:12 -0000)]
implemented handling of dpdaction and dpddelay ipsec.conf parameters

14 years agoreuse reqid when a ROUTED child_sa gets INSTALLED
Martin Willi [Tue, 5 Sep 2006 14:07:25 +0000 (14:07 -0000)]
reuse reqid when a ROUTED child_sa gets INSTALLED
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes

14 years agofixed a at-least-one-year-old bug which caused crashed in the scheduler
Martin Willi [Thu, 31 Aug 2006 06:48:10 +0000 (06:48 -0000)]
fixed a at-least-one-year-old bug which caused crashed in the scheduler

14 years agoadded raw socket filter for IPv6
Martin Willi [Thu, 31 Aug 2006 06:18:15 +0000 (06:18 -0000)]
added raw socket filter for IPv6

14 years agoimplemented NAT detection for IPv6
Martin Willi [Thu, 31 Aug 2006 06:17:41 +0000 (06:17 -0000)]
implemented NAT detection for IPv6

14 years agoremoved unneeded constructor
Martin Willi [Thu, 31 Aug 2006 06:16:52 +0000 (06:16 -0000)]
removed unneeded constructor

14 years agoinitial support for IPv6 (more testing needed)
Martin Willi [Wed, 30 Aug 2006 17:12:56 +0000 (17:12 -0000)]
initial support for IPv6 (more testing needed)
  socket works (without v6 filter)
  traffic selector handle IPv4/v4 cleanly
    improvements in traffic selector code
  kernel interface accepts v6 traffic selectors and hosts
  host_t class has full IPv6 support

14 years agoadded stddef.h include for compilers which do not support the offsetof() directive
Martin Willi [Mon, 28 Aug 2006 09:02:51 +0000 (09:02 -0000)]
added stddef.h include for compilers which do not support the offsetof() directive

14 years agomoved interface enumeration code to socket, where it belongs
Martin Willi [Mon, 28 Aug 2006 08:45:22 +0000 (08:45 -0000)]
moved interface enumeration code to socket, where it belongs
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"

14 years agoversion bump of UML kernel to 2.6.17.11
Andreas Steffen [Fri, 25 Aug 2006 09:25:12 +0000 (09:25 -0000)]
version bump of UML kernel to 2.6.17.11

14 years agofixed crash bug when doing "ipsec down" with an unknown connection
Martin Willi [Fri, 25 Aug 2006 09:19:42 +0000 (09:19 -0000)]
fixed crash bug when doing "ipsec down" with an unknown connection

14 years agoadded name property in CHILD_SA, allows proper status output
Martin Willi [Fri, 25 Aug 2006 09:07:37 +0000 (09:07 -0000)]
added name property in CHILD_SA, allows proper status output

14 years ago(no commit message)
Martin Willi [Fri, 25 Aug 2006 07:42:48 +0000 (07:42 -0000)]

14 years agofixed bug which prevented port float when nat is detected
Martin Willi [Fri, 25 Aug 2006 07:37:22 +0000 (07:37 -0000)]
fixed bug which prevented port float when nat is detected

14 years agoversion bumps
Andreas Steffen [Fri, 25 Aug 2006 07:30:29 +0000 (07:30 -0000)]
version bumps

14 years ago'sha' and 'sha1' are now treated as synonyms
Andreas Steffen [Wed, 23 Aug 2006 12:07:15 +0000 (12:07 -0000)]
'sha' and 'sha1' are now treated as synonyms

14 years ago'sha' and 'sha1' are now treated as synonyms
Andreas Steffen [Wed, 23 Aug 2006 12:07:07 +0000 (12:07 -0000)]
'sha' and 'sha1' are now treated as synonyms

14 years agoupdated Changelog and other docs
Martin Willi [Wed, 23 Aug 2006 11:48:33 +0000 (11:48 -0000)]
updated Changelog and other docs