strongswan.git
14 years agorefactored ca_info_t
Andreas Steffen [Sat, 3 Mar 2007 21:07:23 +0000 (21:07 -0000)]
refactored ca_info_t

14 years agofixed netlink socket receiver code
Martin Willi [Sat, 3 Mar 2007 14:56:24 +0000 (14:56 -0000)]
fixed netlink socket receiver code
implemented interface enumeration code with netlink: no getifaddrs reqired anymore

14 years agorefactored kernel interface, works reliable again
Martin Willi [Sat, 3 Mar 2007 13:04:07 +0000 (13:04 -0000)]
refactored kernel interface, works reliable again

14 years agoimplemented get_iface() using RTM_GETADDR
Martin Willi [Fri, 2 Mar 2007 17:08:38 +0000 (17:08 -0000)]
implemented get_iface() using RTM_GETADDR
added support for multi-header netlink messages
really ugly now, need a lot of refactoring

14 years agoadded debuggin for interface lookup
Martin Willi [Thu, 1 Mar 2007 12:53:20 +0000 (12:53 -0000)]
added debuggin for interface lookup

14 years agofixed address lookup when !using getifaddrs()
Martin Willi [Thu, 1 Mar 2007 12:35:21 +0000 (12:35 -0000)]
fixed address lookup when !using getifaddrs()

14 years agoadded firewalling support when using virtual IPs
Martin Willi [Thu, 1 Mar 2007 12:31:58 +0000 (12:31 -0000)]
added firewalling support when using virtual IPs

14 years agoadded support for 0.0.0.0/0 traffic selectors
Martin Willi [Thu, 1 Mar 2007 11:42:08 +0000 (11:42 -0000)]
added support for 0.0.0.0/0 traffic selectors
fixed routing to make correct 0.0.0.0/0 routes

14 years agoconfig-payload scenario fixes
Andreas Steffen [Thu, 1 Mar 2007 08:20:50 +0000 (08:20 -0000)]
config-payload scenario fixes

14 years agopreparations for PLUTO_MY_SOURCEIP
Andreas Steffen [Thu, 1 Mar 2007 07:45:43 +0000 (07:45 -0000)]
preparations for PLUTO_MY_SOURCEIP

14 years agocorrected typo
Andreas Steffen [Thu, 1 Mar 2007 00:00:35 +0000 (00:00 -0000)]
corrected typo

14 years agoadded cert with OCSP access info
Andreas Steffen [Wed, 28 Feb 2007 23:25:13 +0000 (23:25 -0000)]
added cert with OCSP access info

14 years agodpd now takes 180 s and 5 retransmits
Andreas Steffen [Wed, 28 Feb 2007 23:19:20 +0000 (23:19 -0000)]
dpd now takes 180 s and 5 retransmits

14 years agochanged grep to creating aquire job for CHILD SA
Andreas Steffen [Wed, 28 Feb 2007 23:02:40 +0000 (23:02 -0000)]
changed grep to creating aquire job for CHILD SA

14 years agoreplaced actual virtual IPs by place holders 4.0.7
Andreas Steffen [Wed, 28 Feb 2007 22:38:49 +0000 (22:38 -0000)]
replaced actual virtual IPs by place holders

14 years agovirtual-ip scenario has been replaces by config-payload scenario
Andreas Steffen [Wed, 28 Feb 2007 22:21:58 +0000 (22:21 -0000)]
virtual-ip scenario has been replaces by config-payload scenario

14 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 22:16:23 +0000 (22:16 -0000)]
added

14 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 22:16:16 +0000 (22:16 -0000)]
added

14 years agoadded ocsp.h and ocsp.c
Andreas Steffen [Wed, 28 Feb 2007 20:31:07 +0000 (20:31 -0000)]
added ocsp.h and ocsp.c

14 years agoadded
Andreas Steffen [Wed, 28 Feb 2007 20:30:44 +0000 (20:30 -0000)]
added

14 years agovirtual ip uml test
Tobias Brunner [Wed, 28 Feb 2007 15:20:10 +0000 (15:20 -0000)]
virtual ip uml test

14 years agofixed reauthentication when connections other is %any
Martin Willi [Wed, 28 Feb 2007 14:17:31 +0000 (14:17 -0000)]
fixed reauthentication when connections other is %any

14 years agomerged tasking branch into trunk
Martin Willi [Wed, 28 Feb 2007 14:04:36 +0000 (14:04 -0000)]
merged tasking branch into trunk

14 years agofixed big endian bug in md5 hasher
Martin Willi [Wed, 28 Feb 2007 07:20:16 +0000 (07:20 -0000)]
fixed big endian bug in md5 hasher

14 years agocosmetics
Andreas Steffen [Tue, 27 Feb 2007 22:05:49 +0000 (22:05 -0000)]
cosmetics

14 years agoadded once flag to certinfo_t
Andreas Steffen [Tue, 27 Feb 2007 21:23:51 +0000 (21:23 -0000)]
added once flag to certinfo_t

14 years agocosmetics
Andreas Steffen [Tue, 27 Feb 2007 21:22:57 +0000 (21:22 -0000)]
cosmetics

14 years agoadded certinfos linked list
Andreas Steffen [Tue, 27 Feb 2007 21:21:54 +0000 (21:21 -0000)]
added certinfos linked list

14 years agochanged ca info to ca
Andreas Steffen [Sun, 25 Feb 2007 18:47:09 +0000 (18:47 -0000)]
changed ca info to ca

14 years agosupport of ca info sections
Andreas Steffen [Sun, 25 Feb 2007 08:18:11 +0000 (08:18 -0000)]
support of ca info sections

14 years agoadded support of OCSP accessLocations
Andreas Steffen [Sun, 25 Feb 2007 08:15:46 +0000 (08:15 -0000)]
added support of OCSP accessLocations

14 years agocorrect interface definition
Andreas Steffen [Sun, 25 Feb 2007 08:15:38 +0000 (08:15 -0000)]
correct interface definition

14 years agoadded support of OCSP accessLocations
Andreas Steffen [Sun, 25 Feb 2007 08:14:50 +0000 (08:14 -0000)]
added support of OCSP accessLocations

14 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:21:57 +0000 (23:21 -0000)]
full support of ca info records

14 years agoadded the create_crluri_iterator method
Andreas Steffen [Sat, 24 Feb 2007 23:21:45 +0000 (23:21 -0000)]
added the create_crluri_iterator method

14 years agoreplace ca is realized as del_ca followed by add_ca
Andreas Steffen [Sat, 24 Feb 2007 23:20:27 +0000 (23:20 -0000)]
replace ca is realized as del_ca followed by add_ca

14 years agolast CA keyword is KW_OCSPURI2
Andreas Steffen [Sat, 24 Feb 2007 23:19:28 +0000 (23:19 -0000)]
last CA keyword is KW_OCSPURI2

14 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:18:31 +0000 (23:18 -0000)]
full support of ca info records

14 years agofull support of ca info records
Andreas Steffen [Sat, 24 Feb 2007 23:18:08 +0000 (23:18 -0000)]
full support of ca info records

14 years agoalphabetically sorting print commands
Andreas Steffen [Sat, 24 Feb 2007 00:35:23 +0000 (00:35 -0000)]
alphabetically sorting print commands

14 years agolisting ca_info items
Andreas Steffen [Sat, 24 Feb 2007 00:34:44 +0000 (00:34 -0000)]
listing ca_info items

14 years agoreplace printf.h by stdio.h
Andreas Steffen [Sat, 24 Feb 2007 00:34:17 +0000 (00:34 -0000)]
replace printf.h by stdio.h

14 years agoaddin get_keyid() method
Andreas Steffen [Sat, 24 Feb 2007 00:33:48 +0000 (00:33 -0000)]
addin get_keyid() method

14 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:15:31 +0000 (15:15 -0000)]
support of ca info records

14 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:14:59 +0000 (15:14 -0000)]
support of ca info records

14 years agoversion bump to 4.0.8
Andreas Steffen [Fri, 23 Feb 2007 15:14:21 +0000 (15:14 -0000)]
version bump to 4.0.8

14 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:13:33 +0000 (15:13 -0000)]
support of ca info records

14 years agosupport of ca info records
Andreas Steffen [Fri, 23 Feb 2007 15:13:21 +0000 (15:13 -0000)]
support of ca info records

14 years agotypo
Andreas Steffen [Wed, 21 Feb 2007 23:08:35 +0000 (23:08 -0000)]
typo

14 years agoSHA512-HMAC bug fix and hash function self-test support
Andreas Steffen [Wed, 21 Feb 2007 13:10:24 +0000 (13:10 -0000)]
SHA512-HMAC bug fix and hash function self-test support

14 years agoSHA512-HMAC bug fix and hash function self-test support
Andreas Steffen [Wed, 21 Feb 2007 13:10:08 +0000 (13:10 -0000)]
SHA512-HMAC bug fix and hash function self-test support

14 years agohandle strong SHA-2 signatures in X.509 certificates
Andreas Steffen [Wed, 21 Feb 2007 13:08:45 +0000 (13:08 -0000)]
handle strong SHA-2 signatures in X.509 certificates

14 years agoSHA-2 fixes and add-ons
Andreas Steffen [Wed, 21 Feb 2007 13:07:39 +0000 (13:07 -0000)]
SHA-2 fixes and add-ons

14 years agoversion bumps
Andreas Steffen [Wed, 21 Feb 2007 13:07:09 +0000 (13:07 -0000)]
version bumps

14 years agoremove strong certs and keys after test
Andreas Steffen [Wed, 21 Feb 2007 13:06:26 +0000 (13:06 -0000)]
remove strong certs and keys after test

14 years agoadded
Andreas Steffen [Wed, 21 Feb 2007 13:05:53 +0000 (13:05 -0000)]
added

14 years agousing "left" as my host per default, swapping to "right" when needed
Martin Willi [Thu, 15 Feb 2007 12:13:18 +0000 (12:13 -0000)]
using "left" as my host per default, swapping to "right" when needed

14 years agorespecting source address when sending packets
Martin Willi [Thu, 15 Feb 2007 11:35:10 +0000 (11:35 -0000)]
respecting source address when sending packets

14 years agoadded PRINT_CAINFO hook
Andreas Steffen [Wed, 14 Feb 2007 10:54:39 +0000 (10:54 -0000)]
added PRINT_CAINFO hook

14 years agostroke now recognizes the keywords listocspcerts|cainfos|ocsp, rereadocspcerts and...
Andreas Steffen [Wed, 14 Feb 2007 01:08:41 +0000 (01:08 -0000)]
stroke now recognizes the keywords listocspcerts|cainfos|ocsp, rereadocspcerts and purgeocsp

14 years agoenable IP forwarding
Andreas Steffen [Wed, 14 Feb 2007 01:05:58 +0000 (01:05 -0000)]
enable IP forwarding

14 years agoprepared support of ca information records and ocsp functionality
Andreas Steffen [Wed, 14 Feb 2007 01:04:46 +0000 (01:04 -0000)]
prepared support of ca information records and ocsp functionality

14 years agoadded support of ca information records and ocsp keywords
Andreas Steffen [Wed, 14 Feb 2007 01:03:08 +0000 (01:03 -0000)]
added support of ca information records and ocsp keywords

14 years agoenabled adding and deleting ca information records
Andreas Steffen [Wed, 14 Feb 2007 01:02:09 +0000 (01:02 -0000)]
enabled adding and deleting ca information records

14 years agofixed starter crash due to freeing default IPSEC_EAPDIR string
Andreas Steffen [Wed, 14 Feb 2007 00:56:58 +0000 (00:56 -0000)]
fixed starter crash due to freeing default IPSEC_EAPDIR string

14 years agoadd --eapdir option only if defined in ipsec.conf
Andreas Steffen [Wed, 14 Feb 2007 00:53:45 +0000 (00:53 -0000)]
add --eapdir option only if defined in ipsec.conf

14 years agoremoved eap aka module due nda
Martin Willi [Tue, 13 Feb 2007 15:19:30 +0000 (15:19 -0000)]
removed eap aka module due nda

14 years agomerged EAP framework from branch into trunk
Martin Willi [Mon, 12 Feb 2007 15:56:47 +0000 (15:56 -0000)]
merged EAP framework from branch into trunk
includes a lot of other modifications

14 years ago%T requires time_t ptr
Andreas Steffen [Thu, 8 Feb 2007 17:59:37 +0000 (17:59 -0000)]
%T requires time_t ptr

14 years agoremoved my time_t printf handler patch, applied the one of andreas (64bit save)
Martin Willi [Thu, 8 Feb 2007 15:22:21 +0000 (15:22 -0000)]
removed my time_t printf handler patch, applied the one of andreas (64bit save)

14 years agofixed printf() hooks for time
Martin Willi [Thu, 8 Feb 2007 14:31:59 +0000 (14:31 -0000)]
fixed printf() hooks for time

14 years agoadded support for NULL encryption in ESP
Martin Willi [Thu, 8 Feb 2007 13:54:42 +0000 (13:54 -0000)]
added support for NULL encryption in ESP

14 years agobe more liberal in accepting notifies with a protocol id
Martin Willi [Thu, 8 Feb 2007 13:53:41 +0000 (13:53 -0000)]
be more liberal in accepting notifies with a protocol id

14 years agoinclude NO_EXT_SEQUENCE_NUMBER in default proposal
Martin Willi [Thu, 8 Feb 2007 13:31:31 +0000 (13:31 -0000)]
include NO_EXT_SEQUENCE_NUMBER in default proposal

14 years agooutput peer id if RSA public key is not found
Andreas Steffen [Fri, 2 Feb 2007 11:04:05 +0000 (11:04 -0000)]
output peer id if RSA public key is not found

14 years agofixed typo
Andreas Steffen [Fri, 2 Feb 2007 11:03:33 +0000 (11:03 -0000)]
fixed typo

14 years agoversion bump to 4.0.8
Andreas Steffen [Fri, 2 Feb 2007 11:02:29 +0000 (11:02 -0000)]
version bump to 4.0.8

14 years agoadded address listing without getifaddrs for uclibc (only IPv4 yet)
Martin Willi [Fri, 2 Feb 2007 09:58:59 +0000 (09:58 -0000)]
added address listing without getifaddrs for uclibc (only IPv4 yet)

14 years agoadded threads to support multiple simultaneous stroke requests
Martin Willi [Fri, 2 Feb 2007 07:30:19 +0000 (07:30 -0000)]
added threads to support multiple simultaneous stroke requests

14 years agorenamed all static clone() functions to avoid naming conflicts with uclibc
Martin Willi [Thu, 1 Feb 2007 15:24:10 +0000 (15:24 -0000)]
renamed all static clone() functions to avoid naming conflicts with uclibc

14 years agosending proper signal to the bus when detecting a dead peer
Martin Willi [Thu, 1 Feb 2007 15:23:31 +0000 (15:23 -0000)]
sending proper signal to the bus when detecting a dead peer

14 years agoadded configuration of XAUTH and ModeConfig push mode
Andreas Steffen [Mon, 29 Jan 2007 08:38:17 +0000 (08:38 -0000)]
added configuration of XAUTH and ModeConfig push mode

14 years agoversion bump
Andreas Steffen [Mon, 29 Jan 2007 07:47:31 +0000 (07:47 -0000)]
version bump

14 years agoversion bump
Andreas Steffen [Mon, 29 Jan 2007 07:47:03 +0000 (07:47 -0000)]
version bump

14 years agoCisco XAUTH interoperability
Andreas Steffen [Mon, 29 Jan 2007 07:46:09 +0000 (07:46 -0000)]
Cisco XAUTH interoperability

14 years agoXAUTH interoperability with Cisco
Andreas Steffen [Mon, 29 Jan 2007 07:43:34 +0000 (07:43 -0000)]
XAUTH interoperability with Cisco

14 years agoremoved IPSECPOLICY compile option
Andreas Steffen [Mon, 29 Jan 2007 07:42:30 +0000 (07:42 -0000)]
removed IPSECPOLICY compile option

14 years agounload xauth_module only if XAUTH_DEFAULT_LIB is defined
Andreas Steffen [Sun, 28 Jan 2007 00:14:50 +0000 (00:14 -0000)]
unload xauth_module only if XAUTH_DEFAULT_LIB is defined

14 years agoloading the XAUTH module requires libdl
Andreas Steffen [Sun, 28 Jan 2007 00:08:49 +0000 (00:08 -0000)]
loading the XAUTH module requires libdl

14 years agoadded some more attributes, inst XAUTH_TYPE in reply
Andreas Steffen [Fri, 26 Jan 2007 18:09:28 +0000 (18:09 -0000)]
added some more attributes, inst XAUTH_TYPE in reply

14 years agoMode Config refactoring
Andreas Steffen [Thu, 25 Jan 2007 19:40:34 +0000 (19:40 -0000)]
Mode Config refactoring

14 years agoXAUTH fixes and Cisco Unity support
Andreas Steffen [Thu, 25 Jan 2007 19:39:50 +0000 (19:39 -0000)]
XAUTH fixes and Cisco Unity support

14 years agolog APPLICATION_VERSION and UNITY_DDNS_HOSTNAME strings
Andreas Steffen [Wed, 24 Jan 2007 07:38:36 +0000 (07:38 -0000)]
log APPLICATION_VERSION and UNITY_DDNS_HOSTNAME strings

14 years agoadded Cisco Unity ModeCfg attributes
Andreas Steffen [Sun, 21 Jan 2007 08:45:10 +0000 (08:45 -0000)]
added Cisco Unity ModeCfg attributes

14 years agoversion bump to 4.0.7
Andreas Steffen [Sat, 20 Jan 2007 17:56:57 +0000 (17:56 -0000)]
version bump to 4.0.7

14 years agofixed 64 bit issue with print time
Andreas Steffen [Sat, 20 Jan 2007 15:13:05 +0000 (15:13 -0000)]
fixed 64 bit issue with print time

14 years agofixed XAUTHResp bug
Andreas Steffen [Mon, 15 Jan 2007 07:45:42 +0000 (07:45 -0000)]
fixed XAUTHResp bug

14 years agoincluded xauth.h
Andreas Steffen [Sun, 14 Jan 2007 10:25:37 +0000 (10:25 -0000)]
included xauth.h

14 years agouse uml_mconsole to check end of booting process
Andreas Steffen [Thu, 11 Jan 2007 20:07:05 +0000 (20:07 -0000)]
use uml_mconsole to check end of booting process

14 years agoname the created CHILD_SA
Andreas Steffen [Thu, 11 Jan 2007 20:03:38 +0000 (20:03 -0000)]
name the created CHILD_SA