strongswan.git
12 years agoadd ip xfrm state test for ikev1 transport mode
Andreas Steffen [Wed, 19 Dec 2007 21:02:15 +0000 (21:02 -0000)]
add ip xfrm state test for ikev1 transport mode

12 years agoversion bumps
Andreas Steffen [Wed, 19 Dec 2007 21:01:19 +0000 (21:01 -0000)]
version bumps

12 years agoinclude pipe-thin-green icons in distribution 4.1.10
Andreas Steffen [Wed, 19 Dec 2007 21:00:52 +0000 (21:00 -0000)]
include pipe-thin-green icons in distribution

12 years agoadded a-v-m-c-w-med.png topology graph
Andreas Steffen [Wed, 19 Dec 2007 20:59:54 +0000 (20:59 -0000)]
added a-v-m-c-w-med.png topology graph

12 years agoadded behind-same-nat p2p scenario
Andreas Steffen [Wed, 19 Dec 2007 17:55:08 +0000 (17:55 -0000)]
added behind-same-nat p2p scenario

12 years agoset nexthop default value to 0::0 in IPv6 connections
Andreas Steffen [Wed, 19 Dec 2007 00:49:32 +0000 (00:49 -0000)]
set nexthop default value to 0::0 in IPv6 connections

12 years agoset --enable-eap-aka in UML scenarios
Andreas Steffen [Wed, 19 Dec 2007 00:47:56 +0000 (00:47 -0000)]
set --enable-eap-aka in UML scenarios

12 years agocheck ip xfrm state in IKEv1 and IKEv2 transport mode scenarios
Andreas Steffen [Wed, 19 Dec 2007 00:47:21 +0000 (00:47 -0000)]
check ip xfrm state in IKEv1 and IKEv2 transport mode scenarios

12 years agoadded ipv6 transport mode scenarios for IKEv1 and IKEv2
Andreas Steffen [Wed, 19 Dec 2007 00:45:26 +0000 (00:45 -0000)]
added ipv6 transport mode scenarios for IKEv1 and IKEv2

12 years agoupdated rw-eap-aka-rsa scenario
Andreas Steffen [Wed, 19 Dec 2007 00:11:20 +0000 (00:11 -0000)]
updated rw-eap-aka-rsa scenario

12 years agomake config view in strongSwan manager look similar to ikesa view
Andreas Steffen [Tue, 18 Dec 2007 15:41:37 +0000 (15:41 -0000)]
make config view in strongSwan manager look similar to ikesa view

12 years agofixed EAP-MD5 to accept Name attribute in challenge
Martin Willi [Tue, 18 Dec 2007 10:44:44 +0000 (10:44 -0000)]
fixed EAP-MD5 to accept Name attribute in challenge

12 years agoupdated NEWS
Martin Willi [Thu, 13 Dec 2007 17:52:49 +0000 (17:52 -0000)]
updated NEWS

12 years agoimplemented Expanded EAP types to support vendor specific methods
Martin Willi [Thu, 13 Dec 2007 17:31:21 +0000 (17:31 -0000)]
implemented Expanded EAP types to support vendor specific methods

12 years agofixed actual ID length when AT_IDENTITY gets padded
Martin Willi [Thu, 13 Dec 2007 14:39:38 +0000 (14:39 -0000)]
fixed actual ID length when AT_IDENTITY gets padded

12 years agoported EAP-AKA branch into trunk
Martin Willi [Thu, 13 Dec 2007 10:54:29 +0000 (10:54 -0000)]
ported EAP-AKA branch into trunk

12 years agosbindir is required in the PATH of ipsec
Andreas Steffen [Wed, 12 Dec 2007 22:27:40 +0000 (22:27 -0000)]
sbindir is required in the PATH of ipsec

12 years agosbindir is required in the PATH of _updown
Andreas Steffen [Wed, 12 Dec 2007 22:12:10 +0000 (22:12 -0000)]
sbindir is required in the PATH of _updown

12 years agoadded ocsp cache bug fix to NEWS
Andreas Steffen [Wed, 12 Dec 2007 21:03:17 +0000 (21:03 -0000)]
added ocsp cache bug fix to NEWS

12 years agofixed error in the ordering of the certinfo_t records in the ocsp cache that caused...
Andreas Steffen [Wed, 12 Dec 2007 20:25:50 +0000 (20:25 -0000)]
fixed error in the ordering of the certinfo_t records in the ocsp cache that caused multiple entries of the same serial number to be created. This was caused by the iterator_t method insert_after() that inserts a record in the first instead of the last position of a linked list if the end of the list is reached. Fix: use linked_list_t method insert_last() instead.

12 years agodefine a minimum PATH environment
Andreas Steffen [Wed, 12 Dec 2007 14:56:35 +0000 (14:56 -0000)]
define a minimum PATH environment

12 years agoaligned error messages
Andreas Steffen [Wed, 12 Dec 2007 14:54:28 +0000 (14:54 -0000)]
aligned error messages

12 years agomerged EAP-MD5 into trunk
Martin Willi [Wed, 12 Dec 2007 14:29:10 +0000 (14:29 -0000)]
merged EAP-MD5 into trunk

12 years agoaccept unknown attributes in config payloads
Martin Willi [Sun, 9 Dec 2007 19:43:41 +0000 (19:43 -0000)]
accept unknown attributes in config payloads

12 years agofixed build when using --disable-pluto
Martin Willi [Fri, 7 Dec 2007 10:25:01 +0000 (10:25 -0000)]
fixed build when using --disable-pluto

12 years agoversion bump to 4.1.10
Andreas Steffen [Tue, 4 Dec 2007 23:54:32 +0000 (23:54 -0000)]
version bump to 4.1.10

12 years agoremoved c++ style comments 4.1.9
Martin Willi [Tue, 4 Dec 2007 10:48:27 +0000 (10:48 -0000)]
removed c++ style comments
fixed compiler warnings

12 years agofixed mobike/auth_lifetime in conjunction with p2p-natt
Martin Willi [Tue, 4 Dec 2007 10:05:36 +0000 (10:05 -0000)]
fixed mobike/auth_lifetime in conjunction with p2p-natt

12 years agoremoved redundant server reflexive endpoint debug message
Andreas Steffen [Tue, 4 Dec 2007 00:45:00 +0000 (00:45 -0000)]
removed redundant server reflexive endpoint debug message

12 years agoadded brackets in PKG_CHECK_MODULES
Andreas Steffen [Mon, 3 Dec 2007 23:12:39 +0000 (23:12 -0000)]
added brackets in PKG_CHECK_MODULES

12 years agoimproved P2P_ENDPOINT debugging
Andreas Steffen [Mon, 3 Dec 2007 23:06:17 +0000 (23:06 -0000)]
improved P2P_ENDPOINT debugging

12 years agoupdated NEWS
Martin Willi [Mon, 3 Dec 2007 14:48:04 +0000 (14:48 -0000)]
updated NEWS

12 years agoadded more ./configure build options for
Martin Willi [Mon, 3 Dec 2007 14:47:15 +0000 (14:47 -0000)]
added more ./configure build options for
  EAP-Identity module
  ipsec tools (openac, scepclient)
  optional charon/pluto build
  charon stroke interface

12 years agomoved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload...
Martin Willi [Mon, 3 Dec 2007 10:52:18 +0000 (10:52 -0000)]
moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload order)

12 years agoadded a "libcharon-" prefix to plugins to avoid conflicts
Martin Willi [Mon, 3 Dec 2007 09:03:22 +0000 (09:03 -0000)]
added a "libcharon-" prefix to plugins to avoid conflicts

12 years agosome return code changes proposed by Marius Tomaschewski
Andreas Steffen [Thu, 29 Nov 2007 18:27:04 +0000 (18:27 -0000)]
some return code changes proposed by Marius Tomaschewski

12 years agoipsec and starter exit with LSB-compliant return codes
Andreas Steffen [Wed, 28 Nov 2007 17:02:12 +0000 (17:02 -0000)]
ipsec and starter exit with LSB-compliant return codes

12 years agobob is passive responder in p2pnat scenario
Andreas Steffen [Mon, 26 Nov 2007 22:24:08 +0000 (22:24 -0000)]
bob is passive responder in p2pnat scenario

12 years agosocket_t implementation withouth raw sockets
Martin Willi [Mon, 26 Nov 2007 11:20:00 +0000 (11:20 -0000)]
socket_t implementation withouth raw sockets
  --disable-raw-socket configure option
  prevents charon/pluto to run in parallel

12 years agoadded USE_P2P UML compile option
Andreas Steffen [Mon, 26 Nov 2007 00:29:52 +0000 (00:29 -0000)]
added USE_P2P UML compile option

12 years agoadded a-m-c-w-s-b-med.png topology graph
Andreas Steffen [Mon, 26 Nov 2007 00:28:29 +0000 (00:28 -0000)]
added a-m-c-w-s-b-med.png topology graph

12 years agoadded p2pnat/medsrv-psk scenario
Andreas Steffen [Mon, 26 Nov 2007 00:25:22 +0000 (00:25 -0000)]
added p2pnat/medsrv-psk scenario

12 years agoadded two scenarios testing repeated authentication (RFC 4478)
Andreas Steffen [Sun, 25 Nov 2007 15:47:58 +0000 (15:47 -0000)]
added two scenarios testing repeated authentication (RFC 4478)

12 years agoimproving [3361]: moved one of the added return values
Tobias Brunner [Thu, 22 Nov 2007 11:22:33 +0000 (11:22 -0000)]
improving [3361]: moved one of the added return values

12 years agoadded two return statements comitted by Marius Tomaschewski
Andreas Steffen [Wed, 21 Nov 2007 23:42:27 +0000 (23:42 -0000)]
added two return statements comitted by Marius Tomaschewski

12 years agoversion bump to uml linux kernel 2.6.23.8
Andreas Steffen [Wed, 21 Nov 2007 23:30:28 +0000 (23:30 -0000)]
version bump to uml linux kernel 2.6.23.8

12 years agonew IPv6 scenarios were added
Andreas Steffen [Wed, 21 Nov 2007 00:53:14 +0000 (00:53 -0000)]
new IPv6 scenarios were added

12 years agoupdated TODO
Martin Willi [Tue, 20 Nov 2007 12:26:37 +0000 (12:26 -0000)]
updated TODO

12 years agoupdated NEWS
Martin Willi [Tue, 20 Nov 2007 12:23:39 +0000 (12:23 -0000)]
updated NEWS

12 years agoimplemented RFC4478 (repeated authentication)
Martin Willi [Tue, 20 Nov 2007 12:06:40 +0000 (12:06 -0000)]
implemented RFC4478 (repeated authentication)
changed %V printf handler to take a time delta, %#V now takes two arguments

12 years agofixed callback_job cancellation for threads waiting in the bus
Martin Willi [Mon, 19 Nov 2007 12:32:28 +0000 (12:32 -0000)]
fixed callback_job cancellation for threads waiting in the bus

12 years agofixed memrchr compiler warning
Martin Willi [Mon, 19 Nov 2007 12:27:08 +0000 (12:27 -0000)]
fixed memrchr compiler warning

12 years agofixed two leaks in stroke_interface
Martin Willi [Mon, 19 Nov 2007 11:28:11 +0000 (11:28 -0000)]
fixed two leaks in stroke_interface

12 years agoindentation of list.cs
Andreas Steffen [Sun, 18 Nov 2007 20:59:46 +0000 (20:59 -0000)]
indentation of list.cs

12 years agohandle right=%any case in strongSwan manager
Andreas Steffen [Sat, 17 Nov 2007 23:08:16 +0000 (23:08 -0000)]
handle right=%any case in strongSwan manager

12 years agofixed typo in iptables script
Andreas Steffen [Fri, 16 Nov 2007 22:45:47 +0000 (22:45 -0000)]
fixed typo in iptables script

12 years agoadded rw-psk-ikev2 scenario
Andreas Steffen [Fri, 16 Nov 2007 20:25:26 +0000 (20:25 -0000)]
added rw-psk-ikev2 scenario

12 years agoadded rw-psk-ikev1 scenario
Andreas Steffen [Fri, 16 Nov 2007 20:25:15 +0000 (20:25 -0000)]
added rw-psk-ikev1 scenario

12 years agosearch : delimiter in ipsec.secrets entries from the rear
Andreas Steffen [Fri, 16 Nov 2007 20:23:29 +0000 (20:23 -0000)]
search : delimiter in ipsec.secrets entries from the rear

12 years agorefactored bus and interface to resolve threading issues (WIP)
Martin Willi [Thu, 15 Nov 2007 18:35:54 +0000 (18:35 -0000)]
refactored bus and interface to resolve threading issues (WIP)

12 years agobe less agressive, but more verbose in killing charon
Martin Willi [Thu, 15 Nov 2007 18:34:05 +0000 (18:34 -0000)]
be less agressive, but more verbose in killing charon

12 years agoadded IKE IP addresses to config list for manager
Martin Willi [Thu, 15 Nov 2007 10:09:48 +0000 (10:09 -0000)]
added IKE IP addresses to config list for manager

12 years agofiltering out IKEv1 configurations for manager
Martin Willi [Thu, 15 Nov 2007 10:09:14 +0000 (10:09 -0000)]
filtering out IKEv1 configurations for manager

12 years agofixed daemon kill before threads are spawned
Martin Willi [Wed, 14 Nov 2007 10:12:34 +0000 (10:12 -0000)]
fixed daemon kill before threads are spawned

12 years agofixed NO_PROPOSAL_CHOSEN response on IKE_SA_INIT
Martin Willi [Wed, 14 Nov 2007 09:41:08 +0000 (09:41 -0000)]
fixed NO_PROPOSAL_CHOSEN response on IKE_SA_INIT

12 years agochanged session timeout to 15 minutes
Martin Willi [Tue, 13 Nov 2007 12:00:02 +0000 (12:00 -0000)]
changed session timeout to 15 minutes

12 years agoimplemented IKE_SA initiation in manager
Martin Willi [Tue, 13 Nov 2007 11:58:28 +0000 (11:58 -0000)]
implemented IKE_SA initiation in manager

12 years agoimplemented configuration query and IKE_SA initiation in XML interface
Martin Willi [Tue, 13 Nov 2007 11:56:52 +0000 (11:56 -0000)]
implemented configuration query and IKE_SA initiation in XML interface

12 years agoconfiguration query for manager (WIP)
Martin Willi [Mon, 12 Nov 2007 18:34:50 +0000 (18:34 -0000)]
configuration query for manager (WIP)

12 years agoimplemented IKE/CHILD_SA close through manager
Martin Willi [Mon, 12 Nov 2007 15:09:11 +0000 (15:09 -0000)]
implemented IKE/CHILD_SA close through manager

12 years agoimplemented IKE/CHILD_SA termination through XML interface
Martin Willi [Mon, 12 Nov 2007 15:06:04 +0000 (15:06 -0000)]
implemented IKE/CHILD_SA termination through XML interface

12 years agoupdated gentoo root file system
Andreas Steffen [Fri, 9 Nov 2007 00:49:45 +0000 (00:49 -0000)]
updated gentoo root file system

12 years agoupgrade of apache2 runlevel scripts from 2.0 to 2.2
Andreas Steffen [Fri, 9 Nov 2007 00:48:08 +0000 (00:48 -0000)]
upgrade of apache2 runlevel scripts from 2.0 to 2.2

12 years agoupgrade from apache 2.0 to 2.2
Andreas Steffen [Fri, 9 Nov 2007 00:38:01 +0000 (00:38 -0000)]
upgrade from apache 2.0 to 2.2

12 years agoIPv6 scenarios now used the new IPv6 topology graphs
Andreas Steffen [Thu, 8 Nov 2007 13:28:30 +0000 (13:28 -0000)]
IPv6 scenarios now used the new IPv6 topology graphs

12 years agocreated IPv6 topology graphs
Andreas Steffen [Thu, 8 Nov 2007 13:26:41 +0000 (13:26 -0000)]
created IPv6 topology graphs

12 years agoremoved internal IP from m-w-s.png
Andreas Steffen [Thu, 8 Nov 2007 13:25:25 +0000 (13:25 -0000)]
removed internal IP from m-w-s.png

12 years agoanother four IPv6 scenarios fully demonstrate ip6tables firewall use
Andreas Steffen [Thu, 8 Nov 2007 11:59:29 +0000 (11:59 -0000)]
another four IPv6 scenarios fully demonstrate ip6tables firewall use

12 years agoannounce IPv6 iptables support in _updown script
Andreas Steffen [Thu, 8 Nov 2007 10:55:07 +0000 (10:55 -0000)]
announce IPv6 iptables support in _updown script

12 years agoenabled ip6tables-based firewalling in first two IPv6 scenarios
Andreas Steffen [Wed, 7 Nov 2007 16:41:57 +0000 (16:41 -0000)]
enabled ip6tables-based firewalling in first two IPv6 scenarios

12 years agodo-tests script applies ip6tables in ipv6 subdir
Andreas Steffen [Wed, 7 Nov 2007 12:22:44 +0000 (12:22 -0000)]
do-tests script applies ip6tables in ipv6 subdir

12 years agothe _updown scripts now fully supports ip6tables firewall rule insertion and deletion
Andreas Steffen [Wed, 7 Nov 2007 12:20:15 +0000 (12:20 -0000)]
the _updown scripts now fully supports ip6tables firewall rule insertion and deletion

12 years agodisable MOBIKE in net2net IPv6 scenario
Andreas Steffen [Tue, 6 Nov 2007 18:19:51 +0000 (18:19 -0000)]
disable MOBIKE in net2net IPv6 scenario

12 years agoadded rw-ikev1 IPv6 scenario
Andreas Steffen [Tue, 6 Nov 2007 17:50:43 +0000 (17:50 -0000)]
added rw-ikev1 IPv6 scenario

12 years agocharon does not need leftnexthop for ipv6 scenarios
Andreas Steffen [Tue, 6 Nov 2007 16:38:29 +0000 (16:38 -0000)]
charon does not need leftnexthop for ipv6 scenarios

12 years agoversion bumpt to 4.1.9
Andreas Steffen [Tue, 6 Nov 2007 13:47:27 +0000 (13:47 -0000)]
version bumpt to 4.1.9

12 years agofixed ipv6 target in _updown script
Andreas Steffen [Tue, 6 Nov 2007 13:46:35 +0000 (13:46 -0000)]
fixed ipv6 target in _updown script

12 years agofixed _updown target for ipv6
Andreas Steffen [Tue, 6 Nov 2007 13:45:54 +0000 (13:45 -0000)]
fixed _updown target for ipv6

12 years agonew net2net ipv6 scenarios for IKEv1 and IKEv2
Andreas Steffen [Tue, 6 Nov 2007 13:44:57 +0000 (13:44 -0000)]
new net2net ipv6 scenarios for IKEv1 and IKEv2

12 years agoadding new virtual ip before deleting old one to keep IP on reauthentication
Martin Willi [Thu, 25 Oct 2007 07:50:23 +0000 (07:50 -0000)]
adding new virtual ip before deleting old one to keep IP on reauthentication

12 years agoadded vsignal todo
Martin Willi [Thu, 25 Oct 2007 07:49:32 +0000 (07:49 -0000)]
added vsignal todo

12 years agorequest_t.redirect takes variable argument list
Martin Willi [Fri, 19 Oct 2007 19:40:53 +0000 (19:40 -0000)]
request_t.redirect takes variable argument list
request_t.serve to serve non-template data
fixed dispatcher thread locking code

12 years agoupdated NEWS 4.1.8
Andreas Steffen [Wed, 17 Oct 2007 03:40:51 +0000 (03:40 -0000)]
updated NEWS

12 years agouml kernel version bump to 2.6.23.1
Andreas Steffen [Wed, 17 Oct 2007 03:39:16 +0000 (03:39 -0000)]
uml kernel version bump to 2.6.23.1

12 years agocorrected typos
Andreas Steffen [Wed, 17 Oct 2007 02:56:24 +0000 (02:56 -0000)]
corrected typos

12 years agocorrected brief
Andreas Steffen [Wed, 17 Oct 2007 02:55:53 +0000 (02:55 -0000)]
corrected brief

12 years agocorrected brief
Andreas Steffen [Wed, 17 Oct 2007 02:55:17 +0000 (02:55 -0000)]
corrected brief

12 years agoadded hasher_signature_algorithm_to_oid() function
Andreas Steffen [Fri, 12 Oct 2007 23:18:42 +0000 (23:18 -0000)]
added hasher_signature_algorithm_to_oid() function

12 years agoadded get_publicKeyInfo() method
Andreas Steffen [Fri, 12 Oct 2007 22:49:39 +0000 (22:49 -0000)]
added get_publicKeyInfo() method

12 years agoadded create_certificate_iterator() method
Andreas Steffen [Fri, 12 Oct 2007 21:57:20 +0000 (21:57 -0000)]
added create_certificate_iterator() method