strongswan.git
11 years agoload plugins for scepclient
Andreas Steffen [Fri, 22 May 2009 08:45:32 +0000 (10:45 +0200)]
load plugins for scepclient

11 years agoload plugins for scepclient
Andreas Steffen [Fri, 22 May 2009 08:40:25 +0000 (10:40 +0200)]
load plugins for scepclient

11 years agopsk scenarios don't have to load the curl plugin
Andreas Steffen [Fri, 22 May 2009 08:35:11 +0000 (10:35 +0200)]
psk scenarios don't have to load the curl plugin

11 years agopsk scenarios don't have to load the curl plugin
Andreas Steffen [Fri, 22 May 2009 08:26:38 +0000 (10:26 +0200)]
psk scenarios don't have to load the curl plugin

11 years agolod plugins for scepclient
Andreas Steffen [Fri, 22 May 2009 08:10:31 +0000 (10:10 +0200)]
lod plugins for scepclient

11 years agopsk scenarios don't have to load the curl plugin
Andreas Steffen [Fri, 22 May 2009 07:50:53 +0000 (09:50 +0200)]
psk scenarios don't have to load the curl plugin

11 years agoload plugins for scepclient
Andreas Steffen [Fri, 22 May 2009 07:50:09 +0000 (09:50 +0200)]
load plugins for scepclient

11 years agoadded pluto's plugins in ikev1/attr-cert scenario
Andreas Steffen [Fri, 22 May 2009 07:19:08 +0000 (09:19 +0200)]
added pluto's plugins in ikev1/attr-cert scenario

11 years agouse pluto's default plugins
Andreas Steffen [Fri, 22 May 2009 07:15:51 +0000 (09:15 +0200)]
use pluto's default plugins

11 years agosome more NEWS
Andreas Steffen [Thu, 21 May 2009 18:54:45 +0000 (20:54 +0200)]
some more NEWS

11 years agoFixing IPSEC_* checks on older Linux distros.
Tobias Brunner [Thu, 21 May 2009 08:03:27 +0000 (10:03 +0200)]
Fixing IPSEC_* checks on older Linux distros.

11 years agoPortably check for IPSEC_* constants (defined in ipsec.h).
Tobias Brunner [Wed, 20 May 2009 18:15:06 +0000 (20:15 +0200)]
Portably check for IPSEC_* constants (defined in ipsec.h).

The problem is that FreeBSD defines them as #defines whereas Linux defines them as enums.

11 years agoAutomatically build (and install) the DUMM Ruby extension.
Tobias Brunner [Wed, 20 May 2009 17:34:17 +0000 (19:34 +0200)]
Automatically build (and install) the DUMM Ruby extension.

11 years agoEnable building the DUMM Ruby extension in a VPATH build.
Tobias Brunner [Wed, 20 May 2009 16:40:27 +0000 (18:40 +0200)]
Enable building the DUMM Ruby extension in a VPATH build.

11 years agoThe configure script now tries to figure out where ruby.h is located.
Tobias Brunner [Wed, 20 May 2009 12:15:14 +0000 (14:15 +0200)]
The configure script now tries to figure out where ruby.h is located.

This is required because the location depends on the architecture.

11 years agoinclude TSi/TSr of triggering packet in acquire
Martin Willi [Wed, 20 May 2009 09:44:43 +0000 (11:44 +0200)]
include TSi/TSr of triggering packet in acquire

11 years agoproperly terminate EAP authentication if EAP method fails
Martin Willi [Wed, 20 May 2009 07:24:18 +0000 (09:24 +0200)]
properly terminate EAP authentication if EAP method fails

11 years agofixed dumping of integers in generator
Martin Willi [Wed, 20 May 2009 07:03:48 +0000 (09:03 +0200)]
fixed dumping of integers in generator

11 years agoadapted IKEv2 scenarios to new crypto proposal output
Andreas Steffen [Wed, 20 May 2009 06:04:01 +0000 (08:04 +0200)]
adapted IKEv2 scenarios to new crypto proposal output

11 years agoadapted scenarios to new crypto proposal output
Andreas Steffen [Wed, 20 May 2009 05:51:25 +0000 (07:51 +0200)]
adapted scenarios to new crypto proposal output

11 years agomake signer names consistent
Andreas Steffen [Tue, 19 May 2009 20:56:14 +0000 (22:56 +0200)]
make signer names consistent

11 years agoremove ikev1/alg-sha-equals-sha1 scenario
Andreas Steffen [Tue, 19 May 2009 20:55:12 +0000 (22:55 +0200)]
remove ikev1/alg-sha-equals-sha1 scenario

11 years agosame format as IKEv1
Andreas Steffen [Tue, 19 May 2009 20:12:29 +0000 (22:12 +0200)]
same format as IKEv1

11 years agoadded lookup of ESP_NULL
Andreas Steffen [Tue, 19 May 2009 14:46:49 +0000 (16:46 +0200)]
added lookup of ESP_NULL

11 years agostatus output of 3DES_CBC without key length
Andreas Steffen [Tue, 19 May 2009 14:02:50 +0000 (16:02 +0200)]
status output of 3DES_CBC without key length

11 years agoremoved unused functions
Andreas Steffen [Tue, 19 May 2009 13:44:54 +0000 (15:44 +0200)]
removed unused functions

11 years agoadded des and default length cbc encryption algorithms
Andreas Steffen [Tue, 19 May 2009 13:44:34 +0000 (15:44 +0200)]
added des and default length cbc encryption algorithms

11 years agooutput of encryption algs with zero key length
Andreas Steffen [Tue, 19 May 2009 13:12:44 +0000 (15:12 +0200)]
output of encryption algs with zero key length

11 years agosupport of ESP AES_XCBC_96
Andreas Steffen [Tue, 19 May 2009 12:52:47 +0000 (14:52 +0200)]
support of ESP AES_XCBC_96

11 years agoadded Debian specific packaging files to NM applet
Martin Willi [Tue, 19 May 2009 12:00:23 +0000 (14:00 +0200)]
added Debian specific packaging files to NM applet

11 years agonew NM applet release 1.1.1
Martin Willi [Tue, 19 May 2009 11:58:59 +0000 (13:58 +0200)]
new NM applet release 1.1.1

11 years agofixed debug output of ah transforms
Andreas Steffen [Tue, 19 May 2009 11:32:10 +0000 (13:32 +0200)]
fixed debug output of ah transforms

11 years agofixed compiler warnings
Martin Willi [Tue, 19 May 2009 09:36:08 +0000 (11:36 +0200)]
fixed compiler warnings

11 years agoreplaced deprecated g_strcasecmp()
Martin Willi [Tue, 19 May 2009 09:35:51 +0000 (11:35 +0200)]
replaced deprecated g_strcasecmp()

11 years agoupdated build system to newer autotool/gnome conventions
Martin Willi [Tue, 19 May 2009 09:35:09 +0000 (11:35 +0200)]
updated build system to newer autotool/gnome conventions

11 years agoremoved tab
Andreas Steffen [Tue, 19 May 2009 08:05:09 +0000 (10:05 +0200)]
removed tab

11 years agostreamlined pluto alg_info debug output
Andreas Steffen [Tue, 19 May 2009 08:02:17 +0000 (10:02 +0200)]
streamlined pluto alg_info debug output

11 years agoadd _CBC to all encryption algorithms in CBC mode
Andreas Steffen [Tue, 19 May 2009 07:29:23 +0000 (09:29 +0200)]
add _CBC to all encryption algorithms in CBC mode

11 years agofixed lookup table
Andreas Steffen [Tue, 19 May 2009 07:26:56 +0000 (09:26 +0200)]
fixed lookup table

11 years agoputo uses proposal_get_token() from libstrongswan
Andreas Steffen [Tue, 19 May 2009 05:51:48 +0000 (07:51 +0200)]
puto uses proposal_get_token() from libstrongswan

11 years agomoved definition of proposal_token from proposal.c to proposal_keywords.h
Andreas Steffen [Mon, 18 May 2009 17:33:15 +0000 (19:33 +0200)]
moved definition of proposal_token from proposal.c to proposal_keywords.h

11 years agodo not write to unaligned memory in MSCHAPv2
Martin Willi [Mon, 18 May 2009 12:41:16 +0000 (14:41 +0200)]
do not write to unaligned memory in MSCHAPv2

11 years agocleanup of generator code
Martin Willi [Mon, 18 May 2009 12:06:48 +0000 (14:06 +0200)]
cleanup of generator code

11 years agoremoved unused 64-bit integer parsing rule
Martin Willi [Mon, 18 May 2009 11:36:56 +0000 (13:36 +0200)]
removed unused 64-bit integer parsing rule

11 years agodo not access unaligned words/half-words directly
Martin Willi [Mon, 18 May 2009 11:34:09 +0000 (13:34 +0200)]
do not access unaligned words/half-words directly

11 years agocleaned up parser code
Martin Willi [Mon, 18 May 2009 11:12:52 +0000 (13:12 +0200)]
cleaned up parser code

11 years agoremoved trailing spaces/tabs
Martin Willi [Mon, 18 May 2009 09:23:36 +0000 (11:23 +0200)]
removed trailing spaces/tabs

11 years agotypo
Tobias Brunner [Mon, 18 May 2009 11:04:18 +0000 (13:04 +0200)]
typo

11 years agofixed typos
Martin Willi [Mon, 18 May 2009 08:49:50 +0000 (10:49 +0200)]
fixed typos

11 years agoadded NEWS for 4.3.1
Martin Willi [Mon, 18 May 2009 07:05:30 +0000 (09:05 +0200)]
added NEWS for 4.3.1

11 years agomoved very stroke specific x509 flag handling out of core library
Martin Willi [Fri, 15 May 2009 16:15:55 +0000 (18:15 +0200)]
moved very stroke specific x509 flag handling out of core library

11 years agouse of attr and resolv-conf plugins in config-payload scenario
Andreas Steffen [Sat, 16 May 2009 09:07:29 +0000 (11:07 +0200)]
use of attr and resolv-conf plugins in config-payload scenario

11 years agoanother lease identity to be single-quoted
Andreas Steffen [Sat, 16 May 2009 09:05:15 +0000 (11:05 +0200)]
another lease identity to be single-quoted

11 years agooptimized gperf
Andreas Steffen [Fri, 15 May 2009 20:54:29 +0000 (22:54 +0200)]
optimized gperf

11 years agodidn't want to commit that
Andreas Steffen [Fri, 15 May 2009 20:47:36 +0000 (22:47 +0200)]
didn't want to commit that

11 years agomoved IKEv2 proposals and transforms to libstrongswan
Andreas Steffen [Fri, 15 May 2009 20:43:48 +0000 (22:43 +0200)]
moved IKEv2 proposals and transforms to libstrongswan

11 years agoremoved some ancient files
Andreas Steffen [Fri, 15 May 2009 19:25:21 +0000 (21:25 +0200)]
removed some ancient files

11 years agoadded OAKLEY_CAMELLIA
Andreas Steffen [Fri, 15 May 2009 19:08:43 +0000 (21:08 +0200)]
added OAKLEY_CAMELLIA

11 years agoshortened DH group names
Andreas Steffen [Fri, 15 May 2009 18:58:04 +0000 (20:58 +0200)]
shortened DH group names

11 years agooops, this was a hash_desc
Andreas Steffen [Fri, 15 May 2009 17:13:32 +0000 (19:13 +0200)]
oops, this was a hash_desc

11 years agost_okley.hash contains hash algorithm
Andreas Steffen [Fri, 15 May 2009 17:10:42 +0000 (19:10 +0200)]
st_okley.hash contains hash algorithm

11 years agoabort pluto if crypto self-test fails
Andreas Steffen [Fri, 15 May 2009 15:44:02 +0000 (17:44 +0200)]
abort pluto if crypto self-test fails

11 years agostrongswan.conf for ikev1/ikev2 scenarios
Andreas Steffen [Fri, 15 May 2009 15:27:54 +0000 (17:27 +0200)]
strongswan.conf for ikev1/ikev2 scenarios

11 years agostrongswan.conf required for ldap scenarios
Andreas Steffen [Fri, 15 May 2009 15:14:47 +0000 (17:14 +0200)]
strongswan.conf required for ldap scenarios

11 years agostrongswan.conf for exotic algorithms
Andreas Steffen [Fri, 15 May 2009 14:57:03 +0000 (16:57 +0200)]
strongswan.conf for exotic algorithms

11 years agonew default strongswan.conf for UML scenarios
Andreas Steffen [Fri, 15 May 2009 14:41:54 +0000 (16:41 +0200)]
new default strongswan.conf for UML scenarios

11 years agoIf the NM gateway certificate has the CA constraint set, we use the gateway address...
Martin Willi [Fri, 15 May 2009 14:35:14 +0000 (16:35 +0200)]
If the NM gateway certificate has the CA constraint set, we use the gateway address as its identity.

To allow the same certificate deployment for Windows 7 and NetworkManager clients,
the NM plugin now accepts CA certificates. To prevent any certificate holder
to act as a gateway, we bind the identity to the entered gateway address. The
gateways certificate therefore must contain the IP/DNS of the gateway
as subjectAltName.

11 years agoupdated glade dialog, using tooltip instead of tooltip_text
Martin Willi [Fri, 15 May 2009 14:03:40 +0000 (16:03 +0200)]
updated glade dialog, using tooltip instead of tooltip_text

11 years agoimplemented save_secrets hook to avoid crash
Martin Willi [Fri, 15 May 2009 14:02:11 +0000 (16:02 +0200)]
implemented save_secrets hook to avoid crash

11 years agocosmetics in show_debug() output
Andreas Steffen [Fri, 15 May 2009 13:57:47 +0000 (15:57 +0200)]
cosmetics in show_debug() output

11 years agolist loaded plugins in ipsec statusall
Andreas Steffen [Fri, 15 May 2009 13:57:20 +0000 (15:57 +0200)]
list loaded plugins in ipsec statusall

11 years agoadded .gitignore files to NM applet
Martin Willi [Fri, 15 May 2009 12:40:30 +0000 (14:40 +0200)]
added .gitignore files to NM applet

11 years agopluto aborts if no SHA-1 and MD5 hashers are present
Andreas Steffen [Fri, 15 May 2009 13:23:16 +0000 (15:23 +0200)]
pluto aborts if no SHA-1 and MD5 hashers are present

11 years agoregister hash functions instead of prfs
Andreas Steffen [Fri, 15 May 2009 12:58:37 +0000 (14:58 +0200)]
register hash functions instead of prfs

11 years agodocumented the idea behind the current implementation of the scheduler
Tobias Brunner [Fri, 15 May 2009 12:41:41 +0000 (14:41 +0200)]
documented the idea behind the current implementation of the scheduler

11 years agodisable crypto self-test
Andreas Steffen [Fri, 15 May 2009 12:39:42 +0000 (14:39 +0200)]
disable crypto self-test

11 years agofixed fatal typo
Andreas Steffen [Fri, 15 May 2009 12:17:05 +0000 (14:17 +0200)]
fixed fatal typo

11 years agocleaned up pluto's IKE alg descriptors
Andreas Steffen [Fri, 15 May 2009 12:07:50 +0000 (14:07 +0200)]
cleaned up pluto's IKE alg descriptors

11 years agoupdated prf identifiers
Martin Willi [Fri, 15 May 2009 11:49:05 +0000 (13:49 +0200)]
updated prf identifiers

11 years agoupdated integrity algorithm identifiers
Martin Willi [Fri, 15 May 2009 11:48:44 +0000 (13:48 +0200)]
updated integrity algorithm identifiers

11 years agoadded a "purgeike" command to stroke, deleting all IKE_SAs without a CHILD_SA
Martin Willi [Fri, 15 May 2009 09:02:04 +0000 (11:02 +0200)]
added a "purgeike" command to stroke, deleting all IKE_SAs without a CHILD_SA

11 years agouse left|rightauth notation in eap scenarios
Andreas Steffen [Fri, 15 May 2009 08:39:57 +0000 (10:39 +0200)]
use left|rightauth notation in eap scenarios

11 years agostroke accepts "down conn1{*}/[*]" to delete all CHILD/IKE_SAs using a given config
Martin Willi [Fri, 15 May 2009 08:16:33 +0000 (10:16 +0200)]
stroke accepts "down conn1{*}/[*]" to delete all CHILD/IKE_SAs using a given config

11 years agofixed copy-and-paste error
Andreas Steffen [Fri, 15 May 2009 08:17:17 +0000 (10:17 +0200)]
fixed copy-and-paste error

11 years agouml evaltest changes due to 4.3.x
Andreas Steffen [Fri, 15 May 2009 08:01:24 +0000 (10:01 +0200)]
uml evaltest changes due to 4.3.x

11 years agoadded plutdebug=control
Andreas Steffen [Fri, 15 May 2009 07:13:13 +0000 (09:13 +0200)]
added plutdebug=control

11 years agoif enabled, load openssl plugin by default in pluto
Andreas Steffen [Fri, 15 May 2009 06:46:49 +0000 (08:46 +0200)]
if enabled, load openssl plugin by default in pluto

11 years agomore intuitive leap year check
Tobias Brunner [Thu, 14 May 2009 16:58:17 +0000 (18:58 +0200)]
more intuitive leap year check

11 years agoalso support 192 bit keys for Twofish and Serpent
Andreas Steffen [Thu, 14 May 2009 23:48:56 +0000 (01:48 +0200)]
also support 192 bit keys for Twofish and Serpent

11 years agofixed copy-and-paste caption error
Andreas Steffen [Thu, 14 May 2009 23:40:27 +0000 (01:40 +0200)]
fixed copy-and-paste caption error

11 years agogot rid of libcrypto
Andreas Steffen [Thu, 14 May 2009 23:28:48 +0000 (01:28 +0200)]
got rid of libcrypto

11 years agoremoved libcrypto includes
Andreas Steffen [Thu, 14 May 2009 21:07:17 +0000 (23:07 +0200)]
removed libcrypto includes

11 years agocleaned up pluto's crypto framework
Andreas Steffen [Thu, 14 May 2009 20:56:10 +0000 (22:56 +0200)]
cleaned up pluto's crypto framework

11 years agocompleted serpent plugin
Andreas Steffen [Thu, 14 May 2009 20:30:24 +0000 (22:30 +0200)]
completed serpent plugin

11 years agocosmetics
Andreas Steffen [Thu, 14 May 2009 20:25:38 +0000 (22:25 +0200)]
cosmetics

11 years agosplit encrypt/decrypt functionality of crypto_cbc()
Andreas Steffen [Thu, 14 May 2009 19:03:39 +0000 (21:03 +0200)]
split encrypt/decrypt functionality of crypto_cbc()

11 years agofixed ikev1 iv derivation
Andreas Steffen [Thu, 14 May 2009 18:25:38 +0000 (20:25 +0200)]
fixed ikev1 iv derivation

11 years agoMac OS X doesn't have SADB_X_AALG_AES_XCBC_MAC
Tobias Brunner [Thu, 14 May 2009 12:31:27 +0000 (14:31 +0200)]
Mac OS X doesn't have SADB_X_AALG_AES_XCBC_MAC

11 years agoadded another possible location for the ipsec.h header file
Tobias Brunner [Thu, 14 May 2009 12:29:41 +0000 (14:29 +0200)]
added another possible location for the ipsec.h header file

11 years agofixed compiler warning
Tobias Brunner [Tue, 12 May 2009 17:25:42 +0000 (19:25 +0200)]
fixed compiler warning