strongswan.git
13 years agoadjusted rekey-retry delay and jitter
Martin Willi [Wed, 21 Mar 2007 16:12:16 +0000 (16:12 -0000)]
adjusted rekey-retry delay and jitter

13 years agofixed some rekey collision issues
Martin Willi [Wed, 21 Mar 2007 16:11:14 +0000 (16:11 -0000)]
fixed some rekey collision issues
added retry with jitter when rekeying fails

13 years agofixed SPI byte order
Martin Willi [Wed, 21 Mar 2007 16:09:27 +0000 (16:09 -0000)]
fixed SPI byte order

13 years agofixed child rekey collision
Martin Willi [Wed, 21 Mar 2007 14:42:49 +0000 (14:42 -0000)]
fixed child rekey collision
implemented ike rekey collision

13 years agohandling of CHILD_SA rekeying collisions
Martin Willi [Wed, 21 Mar 2007 09:25:36 +0000 (09:25 -0000)]
handling of CHILD_SA rekeying collisions

13 years agofixed inproper delete of CHILD_SA
Martin Willi [Wed, 21 Mar 2007 07:01:14 +0000 (07:01 -0000)]
fixed inproper delete of CHILD_SA

13 years agoprevent from initiating to %any
Martin Willi [Wed, 21 Mar 2007 07:00:04 +0000 (07:00 -0000)]
prevent from initiating to %any

13 years agofixed some exchange collisions (except IKE/CHILD rekeying)
Martin Willi [Tue, 20 Mar 2007 16:13:21 +0000 (16:13 -0000)]
fixed some exchange collisions (except IKE/CHILD rekeying)

13 years agofixed statusall rekey time jitter bug (again)
Martin Willi [Tue, 20 Mar 2007 14:56:41 +0000 (14:56 -0000)]
fixed statusall rekey time jitter bug (again)

13 years agofixed CHILD_SA rekeying time in statusall
Martin Willi [Tue, 20 Mar 2007 12:29:42 +0000 (12:29 -0000)]
fixed CHILD_SA rekeying time in statusall

13 years agofixed nat detection bug
Martin Willi [Tue, 20 Mar 2007 12:25:08 +0000 (12:25 -0000)]
fixed nat detection bug

13 years agoOCSP support
Andreas Steffen [Tue, 20 Mar 2007 10:47:00 +0000 (10:47 -0000)]
OCSP support

13 years agoupdated NEWS, TODO and man page
Martin Willi [Tue, 20 Mar 2007 08:59:03 +0000 (08:59 -0000)]
updated NEWS, TODO and man page

13 years agorespecting "keyingtries" parameter on IKE_SA setup
Martin Willi [Tue, 20 Mar 2007 08:16:16 +0000 (08:16 -0000)]
respecting "keyingtries" parameter on IKE_SA setup

13 years agocleanups
Martin Willi [Tue, 20 Mar 2007 08:15:53 +0000 (08:15 -0000)]
cleanups
fixed reset()

13 years agonot installing a route when policy gets updated
Martin Willi [Tue, 20 Mar 2007 08:15:18 +0000 (08:15 -0000)]
not installing a route when policy gets updated

13 years agorenamed keyingtries attribute
Martin Willi [Tue, 20 Mar 2007 08:14:18 +0000 (08:14 -0000)]
renamed keyingtries attribute

13 years agoadjusted loglevels
Martin Willi [Tue, 20 Mar 2007 08:13:54 +0000 (08:13 -0000)]
adjusted loglevels

13 years agodelay OCSP response by 5 seconds
Andreas Steffen [Tue, 20 Mar 2007 04:35:16 +0000 (04:35 -0000)]
delay OCSP response by 5 seconds

13 years agoalways update reqid on policy install, fixes dpdaction=hold issue
Martin Willi [Mon, 19 Mar 2007 10:00:56 +0000 (10:00 -0000)]
always update reqid on policy install, fixes dpdaction=hold issue

13 years agoEAP-SIM cleanups
Martin Willi [Mon, 19 Mar 2007 09:59:17 +0000 (09:59 -0000)]
EAP-SIM cleanups

13 years agofixed CHILD_SA rekeying/delete bug on 64bit machines
Martin Willi [Mon, 19 Mar 2007 08:04:37 +0000 (08:04 -0000)]
fixed CHILD_SA rekeying/delete bug on 64bit machines
removed obsolete methods in delete_payload

13 years agoShortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:48:29 +0000 (11:48 -0000)]
Shortened distribution string

13 years agoShortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:47:48 +0000 (11:47 -0000)]
Shortened distribution string

13 years agoshortened distribution string
Andreas Steffen [Fri, 16 Mar 2007 11:41:54 +0000 (11:41 -0000)]
shortened distribution string

13 years agoadd daemon.log to web page
Andreas Steffen [Thu, 15 Mar 2007 15:01:36 +0000 (15:01 -0000)]
add daemon.log to web page

13 years agoremove /etc/resolv.conf
Andreas Steffen [Thu, 15 Mar 2007 15:00:51 +0000 (15:00 -0000)]
remove /etc/resolv.conf

13 years agoversion bump to 4.1.0
Andreas Steffen [Thu, 15 Mar 2007 14:28:47 +0000 (14:28 -0000)]
version bump to 4.1.0

13 years agoadded apache2/ocsp log directory to winnetou
Andreas Steffen [Thu, 15 Mar 2007 14:18:26 +0000 (14:18 -0000)]
added apache2/ocsp log directory to winnetou

13 years agoremoved killall openssl
Andreas Steffen [Thu, 15 Mar 2007 13:56:35 +0000 (13:56 -0000)]
removed killall openssl

13 years agoremoved killall openssl
Andreas Steffen [Thu, 15 Mar 2007 13:56:09 +0000 (13:56 -0000)]
removed killall openssl

13 years agodeleted
Andreas Steffen [Thu, 15 Mar 2007 13:54:22 +0000 (13:54 -0000)]
deleted

13 years agodeleted
Andreas Steffen [Thu, 15 Mar 2007 13:52:32 +0000 (13:52 -0000)]
deleted

13 years agocreate apach2/ocsp/ logging directory on winnetou
Andreas Steffen [Thu, 15 Mar 2007 13:49:59 +0000 (13:49 -0000)]
create apach2/ocsp/ logging directory on winnetou

13 years agodo not check for type of dpd action any more
Andreas Steffen [Thu, 15 Mar 2007 13:34:42 +0000 (13:34 -0000)]
do not check for type of dpd action any more

13 years agocreate /var/log/apache2/ocsp on winnetou
Andreas Steffen [Thu, 15 Mar 2007 13:33:42 +0000 (13:33 -0000)]
create /var/log/apache2/ocsp on winnetou

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:30:55 +0000 (13:30 -0000)]
added

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:29:56 +0000 (13:29 -0000)]
added

13 years agoadded
Andreas Steffen [Thu, 15 Mar 2007 13:29:02 +0000 (13:29 -0000)]
added

13 years agodelete virtual IP addresses after use
Andreas Steffen [Wed, 14 Mar 2007 23:02:44 +0000 (23:02 -0000)]
delete virtual IP addresses after use

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 22:08:55 +0000 (22:08 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 22:07:18 +0000 (22:07 -0000)]
added

13 years agofixed case of missing subjectKeyID
Andreas Steffen [Wed, 14 Mar 2007 21:06:57 +0000 (21:06 -0000)]
fixed case of missing subjectKeyID

13 years agocorrected typo
Andreas Steffen [Wed, 14 Mar 2007 19:33:34 +0000 (19:33 -0000)]
corrected typo

13 years agoversion bump to 4.1.0
Andreas Steffen [Wed, 14 Mar 2007 18:31:47 +0000 (18:31 -0000)]
version bump to 4.1.0

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 15:42:40 +0000 (15:42 -0000)]
added

13 years agouse CURLOPT_NOSIGNAL
Andreas Steffen [Wed, 14 Mar 2007 15:41:58 +0000 (15:41 -0000)]
use CURLOPT_NOSIGNAL

13 years agoadded --with-sim-reader option to configure script
Martin Willi [Wed, 14 Mar 2007 15:39:45 +0000 (15:39 -0000)]
added --with-sim-reader option to configure script
some cleanups in eap_sim

13 years agoremoved dublicated code in eap_authenticator
Martin Willi [Wed, 14 Mar 2007 15:25:00 +0000 (15:25 -0000)]
removed dublicated code in eap_authenticator

13 years agolog reception of trusted signer certificate
Andreas Steffen [Wed, 14 Mar 2007 15:11:58 +0000 (15:11 -0000)]
log reception of trusted signer certificate

13 years agoversion bump to 4.1.0
Andreas Steffen [Wed, 14 Mar 2007 15:11:00 +0000 (15:11 -0000)]
version bump to 4.1.0

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 15:10:12 +0000 (15:10 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 15:09:00 +0000 (15:09 -0000)]
added

13 years agochanged OCSPSigner to OCSPSigning
Andreas Steffen [Wed, 14 Mar 2007 15:08:23 +0000 (15:08 -0000)]
changed OCSPSigner to OCSPSigning

13 years agofixed carry bug in FIPS prf
Martin Willi [Wed, 14 Mar 2007 14:54:23 +0000 (14:54 -0000)]
fixed carry bug in FIPS prf

13 years agouser standard cert
Andreas Steffen [Wed, 14 Mar 2007 14:52:13 +0000 (14:52 -0000)]
user standard cert

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 14:51:57 +0000 (14:51 -0000)]
deleted

13 years agodeleted
Andreas Steffen [Wed, 14 Mar 2007 14:51:05 +0000 (14:51 -0000)]
deleted

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 14:02:39 +0000 (14:02 -0000)]
added

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 13:04:56 +0000 (13:04 -0000)]
added

13 years agomodified description.txt and evaltest.dat
Andreas Steffen [Wed, 14 Mar 2007 13:00:55 +0000 (13:00 -0000)]
modified description.txt and evaltest.dat

13 years agoversion number selection fix
Martin Willi [Wed, 14 Mar 2007 11:20:34 +0000 (11:20 -0000)]
version number selection fix
some cleanups

13 years agocleaned up and fixed DPD handling code
Martin Willi [Wed, 14 Mar 2007 11:07:12 +0000 (11:07 -0000)]
cleaned up and fixed DPD handling code

13 years agoremoved cfg-payload dns test code
Martin Willi [Wed, 14 Mar 2007 11:04:31 +0000 (11:04 -0000)]
removed cfg-payload dns test code

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 09:05:27 +0000 (09:05 -0000)]
added

13 years agoadded
Andreas Steffen [Wed, 14 Mar 2007 08:17:27 +0000 (08:17 -0000)]
added

13 years agoversion bump to strongswan-4.1.0 and linux-2.6.20.3
Andreas Steffen [Wed, 14 Mar 2007 08:15:36 +0000 (08:15 -0000)]
version bump to strongswan-4.1.0 and linux-2.6.20.3

13 years agocosmetics
Andreas Steffen [Wed, 14 Mar 2007 08:01:47 +0000 (08:01 -0000)]
cosmetics

13 years agoincreased control debugging output
Andreas Steffen [Wed, 14 Mar 2007 07:22:37 +0000 (07:22 -0000)]
increased control debugging output

13 years agoadded EAP-SIM authentication
Martin Willi [Tue, 13 Mar 2007 15:01:02 +0000 (15:01 -0000)]
added EAP-SIM authentication
  client side only
  uses an external SIM reader library specified with SIM_READER_LIB
  untested

13 years agonot detaching from bus when IKE_SA_INIT is retried
Martin Willi [Tue, 13 Mar 2007 14:55:53 +0000 (14:55 -0000)]
not detaching from bus when IKE_SA_INIT is retried

13 years agoadded AES-192/256 proposals to IKE
Martin Willi [Tue, 13 Mar 2007 14:55:03 +0000 (14:55 -0000)]
added AES-192/256 proposals to IKE

13 years agoadded generic EAP_IDENTITY client implementation using peers IKEv2 ID
Martin Willi [Tue, 13 Mar 2007 14:54:24 +0000 (14:54 -0000)]
added generic EAP_IDENTITY client implementation using peers IKEv2 ID

13 years agofixed compilation warnings and errors when not using curl
Martin Willi [Tue, 13 Mar 2007 14:52:18 +0000 (14:52 -0000)]
fixed compilation warnings and errors when not using curl

13 years agoresults from the single responses is stored in the corresponding certinfo_t structs
Andreas Steffen [Mon, 12 Mar 2007 13:42:31 +0000 (13:42 -0000)]
results from the single responses is stored in the corresponding certinfo_t structs

13 years agomoved credential_store.h from charon/config/credentials to libstrongswan
Andreas Steffen [Fri, 9 Mar 2007 16:50:19 +0000 (16:50 -0000)]
moved credential_store.h from charon/config/credentials to libstrongswan

13 years agolast patch removed, changed CURLOPT_FILE to CURLOPT_WRITEDATA
Andreas Steffen [Fri, 9 Mar 2007 16:12:51 +0000 (16:12 -0000)]
last patch removed, changed CURLOPT_FILE to CURLOPT_WRITEDATA

13 years agofixed memory leak by calling curl_slist_free_all(headers)
Andreas Steffen [Fri, 9 Mar 2007 16:09:49 +0000 (16:09 -0000)]
fixed memory leak by calling curl_slist_free_all(headers)

13 years agofixed memory leak by calling curl_slist_free_all(headers)
Andreas Steffen [Fri, 9 Mar 2007 16:08:28 +0000 (16:08 -0000)]
fixed memory leak by calling curl_slist_free_all(headers)

13 years agowhitelisting static Curl_getaddrinfo() memory leak
Andreas Steffen [Fri, 9 Mar 2007 16:07:22 +0000 (16:07 -0000)]
whitelisting static Curl_getaddrinfo() memory leak

13 years agofixed a certinfo_t memory leak in verify()
Andreas Steffen [Fri, 9 Mar 2007 14:59:28 +0000 (14:59 -0000)]
fixed a certinfo_t memory leak in verify()

13 years agofixed a memory leak in response_t
Andreas Steffen [Fri, 9 Mar 2007 14:44:34 +0000 (14:44 -0000)]
fixed a memory leak in response_t

13 years agoocsp signer certificate and ocsp response signature can be verified
Andreas Steffen [Thu, 8 Mar 2007 23:29:04 +0000 (23:29 -0000)]
ocsp signer certificate and ocsp response signature can be verified

13 years agofixed memleaks when using EAP authentication
Martin Willi [Thu, 8 Mar 2007 22:56:14 +0000 (22:56 -0000)]
fixed memleaks when using EAP authentication
fixed configuration payloads when using EAP

13 years agofixed payload order (again)
Martin Willi [Thu, 8 Mar 2007 20:21:17 +0000 (20:21 -0000)]
fixed payload order (again)

13 years agoincluding peers certificate when his certreq is empty
Martin Willi [Thu, 8 Mar 2007 20:19:24 +0000 (20:19 -0000)]
including peers certificate when his certreq is empty

13 years agoimplemented cookies as initiator
Martin Willi [Thu, 8 Mar 2007 20:18:39 +0000 (20:18 -0000)]
implemented cookies as initiator
proper logging of notifies in IKE_SA setup

13 years agodisabling routing for IPv6, does not work correctly
Martin Willi [Thu, 8 Mar 2007 20:17:34 +0000 (20:17 -0000)]
disabling routing for IPv6, does not work correctly

13 years agofixed call of add_auth_certificate()
Andreas Steffen [Thu, 8 Mar 2007 19:44:14 +0000 (19:44 -0000)]
fixed call of add_auth_certificate()

13 years agogeneralized get_ca_certificate() to get_auth_certificate(auth_flags)
Andreas Steffen [Thu, 8 Mar 2007 18:56:43 +0000 (18:56 -0000)]
generalized get_ca_certificate() to get_auth_certificate(auth_flags)

13 years agoadded fetcher_finalize() to clean up libcurl
Andreas Steffen [Thu, 8 Mar 2007 17:00:32 +0000 (17:00 -0000)]
added fetcher_finalize() to clean up libcurl

13 years agosome cleanups
Martin Willi [Thu, 8 Mar 2007 16:58:59 +0000 (16:58 -0000)]
some cleanups
not installing %any DNS servers

13 years agosupport of setting and getting authority flags
Andreas Steffen [Thu, 8 Mar 2007 16:48:16 +0000 (16:48 -0000)]
support of setting and getting authority flags

13 years agosupport if ocsp signing certificates
Andreas Steffen [Thu, 8 Mar 2007 16:47:18 +0000 (16:47 -0000)]
support if ocsp signing certificates

13 years agosupport if ocsp signing certificates
Andreas Steffen [Thu, 8 Mar 2007 16:46:50 +0000 (16:46 -0000)]
support if ocsp signing certificates

13 years agofixed payload order in IKE_AUTH
Martin Willi [Thu, 8 Mar 2007 15:59:21 +0000 (15:59 -0000)]
fixed payload order in IKE_AUTH

13 years agoremoved SHA2 kernel proposals from default, the kernel doesn't support them yet
Martin Willi [Thu, 8 Mar 2007 15:18:51 +0000 (15:18 -0000)]
removed SHA2 kernel proposals from default, the kernel doesn't support them yet

13 years agoallocation fixes, not complete
Martin Willi [Thu, 8 Mar 2007 14:41:30 +0000 (14:41 -0000)]
allocation fixes, not complete

13 years agohandling "No policy found" properly
Martin Willi [Thu, 8 Mar 2007 14:41:09 +0000 (14:41 -0000)]
handling "No policy found" properly

13 years agoadded more debugging output for policy lookup
Martin Willi [Thu, 8 Mar 2007 14:40:15 +0000 (14:40 -0000)]
added more debugging output for policy lookup
returning a (dummy) policy even when TS does not match, so we can properly send a TS_UNACCEPTABLE