strongswan.git
2021-02-16 Tobias Brunnerpts: Don't rely on BIOS event buffer to be null terminated
2021-02-16 Tobias Brunnertls-crypto: Fix potential memory leak
2021-02-16 Tobias Brunnerike-sa-manager: Ensure we were able to create a new...
2021-02-16 Tobias Brunnergithub: Bump wolfSSL to 4.7.0
2021-02-16 Fedor Korotkovcirrus: Use FreeBSD 12.2
2021-02-15 Tobias Brunnergithub: Fix emojis in templates
2021-02-15 Tobias Brunnergithub: Add security policy
2021-02-15 Tobias Brunnergithub: Add issue templates
2021-02-15 René Fischerbotan: Use strongSwan's RNG interface in Botan plugin
2021-02-15 Tobias Brunnerbotan: Extract helper function to map RNG quality to...
2021-02-15 Tobias Brunnerbotan: Look for Botan 3 in configure script
2021-02-12 Tobias Brunnerike-sa: Avoid possible integer underflow when schedulin...
2021-02-12 Tobias Brunnerha: Register new IKE_SAs before calling inherit_post()
2021-02-12 Tobias Brunnerike-rekey: Register new IKE_SA before calling inherit_p...
2021-02-12 Tobias Brunnerike-sa-manager: Add a method to register/check out...
2021-02-12 Tobias Brunnerike-sa-manager: Rename checkout_new() to create_new()
2021-02-12 Tobias BrunnerRemove redundant calls to set peer config after checkin...
2021-02-12 Tobias Brunnerike-sa-manager: Make checkout_by_config() atomic
2021-02-12 Tobias BrunnerMerge branch 'tls13'
2021-02-12 Tobias Brunnertls-crypto: Simplify and extend cipher config filter
2021-02-12 Tobias Brunnerproposal: Add aliases for AES-GCM/CCM without explicit...
2021-02-12 Tobias Brunnertls-server: Support x25519/448 for TLS 1.2
2021-02-12 Tobias Brunnertls-crypto: Fallback to any supported ECDH group
2021-02-12 Tobias Brunnertls-crypto: Don't filter suites with specific ECDH...
2021-02-12 Tobias Brunnerdiffie-hellman: Classify x25519 and x448 as ECDH methods
2021-02-12 Pascal Knechttls-crypto: Add signature scheme config file filter
2021-02-12 Pascal Knechttls-crypto: Rename DH group/key exchange method config...
2021-02-12 Tobias Brunnerlibtls: Increase default min version to 1.2
2021-02-12 Tobias Brunnertls-peer: Verify server selects the same cipher suite...
2021-02-12 Tobias Brunnertls-server: Select cipher suite also when handling...
2021-02-12 Tobias Brunnertls-server: Remove unused variable
2021-02-12 Pascal Knechtlibtls: Add downgrade protection for TLS 1.3 and TLS 1.2
2021-02-12 Shmulik Ladkanitls-server: Optionally omit CAs in CertificateRequest...
2021-02-12 Tobias Brunnertls-eap: Conclude EAP method also after processing...
2021-02-12 Tobias Brunnerlibtls: Only run socket tests with EdDSA keys if they...
2021-02-12 Tobias Brunnertls-peer: Don't log anything if we are not sending...
2021-02-12 Tobias Brunnertls-crypto: Only log modified TLS versions if successfu...
2021-02-12 Tobias Brunnerlibtls: Reduce default max version to 1.2
2021-02-12 Tobias Brunnerlibtls: Make min/max TLS version configurable
2021-02-12 Pascal Knechttest-hkdf: Add two test cases and restructure all tests
2021-02-12 Pascal Knechttls-hkdf: Implement binder PSK generation
2021-02-12 Pascal Knechttls-hkdf: Implement resumption key generation
2021-02-12 Pascal Knechttls-peer: Mutual authentication support for TLS 1.3
2021-02-12 Pascal Knechttls-peer: Derive application traffic keys after server...
2021-02-12 Pascal Knechttls-peer: Use private key enumeration also in TLS versi...
2021-02-12 Pascal Knechttls-crypto: Share private key search between client...
2021-02-12 Pascal Knechttls-test: Add support to require/verify client certificates
2021-02-12 Pascal Knechttls-server: Mutual authentication support for TLS 1.3
2021-02-12 Pascal Knechttls-server: Terminate connection if peer certificate...
2021-02-12 Pascal Knechttls-server: Make CertificateRequest conditional in...
2021-02-12 Pascal Knechttls-server: Share trusted public key search between...
2021-02-12 Pascal Knechttls-crypto: Move AEAD ownership to the protection layer
2021-02-12 Pascal Knechttls-hkdf: Always use correct base key to derive finishe...
2021-02-12 Pascal Knechtlibtls: Add unit tests for Ed25519 and Ed448 keys
2021-02-12 Pascal Knechttls-test: Load keys of any type
2021-02-12 Pascal Knechttls-crypto: Support EdDSA keys with ECDSA cipher suites
2021-02-12 Pascal Knechttls-server: Consider supported signature algorithms...
2021-02-12 Pascal Knechttls-crypto: Distinguish between signing and verifying...
2021-02-12 Pascal Knechttls-server: Check if peer sent hash and signature algor...
2021-02-12 Pascal Knechttls-crypto: Add missing signature scheme constants
2021-02-12 Pascal Knechttls-server: Fix invalid signature algorithm and support...
2021-02-12 Pascal Knechttls-server: Support multiple client key shares
2021-02-12 Pascal Knechtlibtls: Add TLS version negotiation test cases
2021-02-12 Pascal Knechttls-server: Support HelloRetryRequest (HRR)
2021-02-12 Pascal Knechttls-crypto: Add support to configure DH groups to use
2021-02-12 Tobias Brunnerdiffie-hellman: Add enum names that match proposal...
2021-02-12 Pascal Knechttls-crypto: Generalizing DH group to TLS group mapping
2021-02-12 Pascal Knechttls-server: Support KeyUpdate requests and answers
2021-02-12 Pascal Knechttls-server: Refactor writing of key share extensions
2021-02-12 Pascal Knechttls-server: TLS 1.3 support for TLS server implementation
2021-02-12 Pascal Knechttls-crypto: Rename parameter to be more consistent
2021-02-12 Pascal Knechttls-crypto: Fix invalid signature algorithm list building
2021-02-12 Pascal Knechtlibtls: Add missing cipher suite and TLS extension...
2021-02-12 Pascal Knechttls-crypto: Rework cipher suite preference order
2021-02-12 Tobias Brunnertls-server: Determine supported/configured suites and...
2021-02-12 Pascal Knechttls-crypto: Check if TLS versions and cipher suites...
2021-02-12 Pascal Knechttls-peer: Don't initiate TLS connection if no cipher...
2021-02-12 Tobias Brunnertls-test: Make plugin list configurable via environment...
2021-02-12 Tobias Brunnertls-peer: Return INVALID_STATE after changing TLS 1...
2021-02-12 Tobias Brunnertls-crypto: Generate MSK for TLS 1.3
2021-02-12 Tobias Brunnertls-hkdf: Add method that allows exporting key material
2021-02-12 Tobias Brunnertls-hkdf: Handle label expansion inside expand_label()
2021-02-12 Tobias Brunnertls-hkdf: Pass secret to derive_secret() explicitly
2021-02-12 Tobias Brunnertls-hkdf: Store OKM in local variables
2021-02-12 Tobias Brunnertls-crypto: Add support for RSA-PSS signatures
2021-02-12 Tobias Brunnertls-peer: Support answering KeyUpdate requests
2021-02-12 Tobias Brunnertls-socket: Change how EOF of the underlying socket...
2021-02-12 Tobias Brunnertls-peer: Add support to handle KeyUpdate message
2021-02-12 Tobias Brunnertls-crypto: Add method to update application traffic...
2021-02-12 Tobias Brunnertls-hkdf: Support updating client/server traffic secrets
2021-02-12 Tobias Brunnertls-socket: Don't fail reading if sending data failed
2021-02-12 Tobias Brunnertls-peer: Correctly handle classic ECDH key-share format
2021-02-12 Tobias Brunnertls-test: Add options to configure TLS versions
2021-02-12 Tobias Brunnertls-socket: Allow configuring both minimum and maximum...
2021-02-12 Tobias Brunnertls: Allow setting both minimum and maximum TLS versions
2021-02-12 Tobias Brunnertls-peer: Handle HelloRetryRequest
2021-02-12 Tobias Brunnertls-crypto: Add method to hash handshake data and use...
2021-02-12 Tobias Brunnertls-crypto: Destroy HKDF instance if keys are derived...
2021-02-12 Tobias Brunnertls-peer: Refactor writing of extensions and use less...
2021-02-12 Tobias Brunnertls-peer: Refactor sending/processing finished message
next