f8a362bfbc
bypass-lan: Add plugin that installs bypass policies for locally attached subnets
2017-02-08 10:38:28 +01:00
9ad147ac63
Version bump to 5.5.2dr4
2017-01-02 15:46:27 +01:00
65797c9faf
Version bump to 5.5.2dr3 and Linux kernel 4.9
2016-12-17 18:10:13 +01:00
016228c158
configure: Check for actual functions in libraries with AC_CHECK_LIB
...
Checking for `main` produces code like this in the test program:
int
main ()
{
return main ();
;
return 0;
}
This recursive call results in a warning message with some compilers (e.g.
Clang in newer Xcode versions: "all paths through this function will call
itself [-Winfinite-recursion]"), which lets the tests fail when compiling
with -Werror.
2016-12-02 16:56:13 +01:00
011195f1a9
Version bump to 5.5.2dr2
2016-11-14 16:20:51 +01:00
9d170c18bc
configure: Enable curve25519 plugin by default
2016-11-14 16:20:51 +01:00
7f9bfacd5a
curve25519: Add a plugin providing Curve25519 DH using backend drivers
2016-11-14 16:20:51 +01:00
4a97999466
Version bump to 5.5.2dr1
2016-10-30 17:34:05 +01:00
e6a4bd83ff
Version bump to 5.5.1
2016-10-20 12:57:00 +02:00
4d77fcbec9
Version bump to 5.5.1rc2
2016-10-18 18:14:57 +02:00
ede17556ad
configure: Reorder mgf1 in list of crypto plugins
2016-10-18 11:44:30 +02:00
a617223ed5
Version bump to 5.5.1rc1
2016-10-11 19:21:36 +02:00
6b3e408ba5
Version bump to 5.5.1dr5
2016-09-22 17:36:37 +02:00
e31ed9ab98
Version bump to 5.5.1dr4
2016-09-21 14:14:42 +02:00
188b190a70
mgf1: Refactored MGF1 as an XOF
2016-09-21 06:40:52 +02:00
d8f27ba679
maemo: Remove unused plugin
2016-09-15 18:33:52 +02:00
8aaa6de322
Version bump to 5.5.1dr3
2016-09-15 11:45:17 +02:00
d2577aa3c5
Version bump to 5.5.1dr2
2016-08-26 22:55:41 +02:00
6e19a1f5f2
configure: Improve check for built-in __atomic_* functions
...
With AC_SEARCH_LIBS() we don't succeed if the searched function is a
built-in as the check uses the wrong signature so the built-in will not
be applied (the warning issued by GCC is "conflicting types for built-in
function '...'"). So even if not required, libatomic will be linked if
it is found, which could be problematic if compiling on a separate host
and the target host does not have libatomic installed.
Also, some tests showed that it's more likely that __atomic_and_fetch()
requires linking libatomic than __atomic_load_n() does.
References #1533 .
2016-08-26 09:59:01 +02:00
603a1d3c8f
utils: Fix definition of BYTE_ORDER with MinGW
2016-08-24 10:40:57 +02:00
5afaf0dba2
Version bump to 5.5.1dr1
2016-08-10 18:11:53 +02:00
1342bd3386
unit-tests: Created newhope unit-tests
2016-08-10 14:22:00 +02:00
393688aea0
Created newhope plugin implementing the New Hope key exchange algorithm
2016-08-10 14:22:00 +02:00
d305f251a5
Created libnttfft
...
This makes Number Theoretic Transforms (NTT) based on the efficient
Fast-Fourier-Transform (FFT) available to multiple plugins.
2016-07-29 12:36:15 +02:00
0274163674
libtpmtss: Use pkconfig to configure TSS 2.0 includes and libraries
2016-07-20 11:26:07 +02:00
74de8c3727
Version bump to 5.5.0
2016-07-13 13:26:16 +02:00
8fafbffdb7
Version bump to 5.5.0rc1
2016-06-30 16:28:28 +02:00
aaa37f590d
configure: Enable respective TSS if aikgen/-pub2 are enabled
2016-06-28 11:30:20 +02:00
6a24637dcb
Version bump to 5.5.0dr1
2016-06-26 20:11:30 +02:00
30d4989aec
libimcv: migrate pts to tpm_tss
2016-06-22 15:33:44 +02:00
c08753bdf4
Created libtpmtss library handling access to v1.2 and v2.0 TPMs
2016-06-22 15:33:43 +02:00
87d356dc47
aikpub2: Convert TSS 2.0 AIK public key blob into PKCS#1 format
2016-06-22 15:33:43 +02:00
a35ee9f402
Revert "configure: Cache result of pthread_condattr_setclock() check"
...
This reverts commit 8d79bfa831#1502 .
2016-06-17 15:04:17 +02:00
8d79bfa831
configure: Cache result of pthread_condattr_setclock() check
...
Even if not using caching when running the configure script (-C) this
allows pre-defining the result by setting the environment variable
ss_cv_func_pthread_condattr_setclock_monotonic=yes|no|unknown
before/while running the script.
As the check requires running a test program this might be helpful
when cross-compiling to disable using monotonic time if
pthread_condattr_setclock() is defined but not actually usable with
CLOCK_MONOTONIC.
References #1502 .
2016-06-17 11:36:48 +02:00
e827e78483
configure: Fix typo in pthread_condattr_setclock() check
2016-06-17 11:36:46 +02:00
518a5b2ece
configure: Check for and explicitly link against -latomic
...
Some C libraries, such as uClibc, require an explicit link for some atomic
functions. Check for any libatomic, and explcily link it.
2016-06-14 14:27:20 +02:00
989db1bf2f
configure: Check for a potential -lpthread by using -ldl
...
Some pthread library variants depend on libdl, hence we must pass such a
library to successfully build against libpthread.
2016-05-18 14:46:20 +02:00
1aeaccad11
Version bump to 5.4.1dr4
2016-05-13 12:49:52 +02:00
5d5ecd8e72
vici: Replace dr with dev in version numbers for the Python egg
...
The versioning scheme used by Python (PEP 440) supports the rcN suffix
but development releases have to be named devN, not drN, which are
not supported and considered legacy versions.
2016-05-10 12:16:13 +02:00
26aa9c638d
Version bump to 5.4.1dr3
2016-05-08 09:06:16 +02:00
ab1cebda3a
Version bump to 5.4.1dr2
2016-05-06 22:29:32 +02:00
e8c73c1cf0
configure: Replace two remaining usages of AC_HAVE_LIBRARY with AC_CHECK_LIB
2016-04-15 10:31:19 +02:00
c407f163e6
Version bump to 5.4.1dr1
2016-04-11 10:24:12 +02:00
7a117eeaec
Version bump to 5.4.0
2016-03-22 11:20:36 +01:00
12ac5fac1a
p-cscf: Add plugin stub
2016-03-10 11:57:38 +01:00
724f590711
Version bump to 5.4.0rc1
2016-03-05 18:18:12 +01:00
fe1f915b07
Version bump to 5.4.0dr8
2016-03-04 20:55:55 +01:00
8ea4cb3e5d
thread: Allow thread ID to be value returned by gettid()
...
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-03-04 09:12:11 +01:00
28649f6d91
libhydra: Remove empty unused library
2016-03-03 17:36:11 +01:00
dec9e1957f
libhydra: Move all kernel plugins to libcharon
2016-03-03 17:36:11 +01:00
794cfbad71
Version bump to 5.4.0dr7
2016-02-28 15:56:06 +01:00
fc0f8466db
Version bump to 5.4.0dr6
2016-02-16 18:17:44 +01:00
927f733159
Version bump to 5.4.0dr5
2016-01-28 09:41:05 +01:00
9492e12e61
Version bump to 5.4.0dr4
2016-01-10 01:39:08 +01:00
1990eeebfe
Version bump to 5.4.0dr3
2016-01-03 06:28:49 +01:00
b15f987ddd
configure: Support systemd >= 209
...
libsystemd-journal and libsystemd-daemon are now just
part of libsystemd.
Keep original systemd checks as a fallback.
Updates charon-systemd/Makefile.am accordingly.
Tested on:
- debian wheezy (systemd v44)
- ubuntu 15.10 (systemd v255).
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Closes strongswan/strongswan#24 .
2015-12-21 11:53:31 +01:00
6943db5679
Version bump to 5.4.0dr2
2015-12-18 15:25:50 +01:00
2d9c68b8a8
configure: Enable vici plugin and swanctl by default
2015-12-17 17:49:48 +01:00
020d8c8f26
configure: Fix typo when enabling CPAN modules as dependency
...
Fixes: a17b6d469c
2015-12-14 11:49:51 +01:00
5e2b740a00
128 bit default security strength requires 3072 bit prime DH group
2015-12-14 10:39:40 +01:00
2b39da2634
configure: Link against potential -ldl when checking for OpenSSL libcrypto
2015-12-04 08:02:03 +01:00
fc235f90fe
Version bump to 5.4.0dr1
2015-12-01 15:06:23 +01:00
a17b6d469c
Built the CPAN file structure for the Vici::Session perl module
2015-12-01 14:52:43 +01:00
a101bce862
Implement vici Perl binding
2015-12-01 14:52:43 +01:00
66021f7263
Version bump to 5.3.5
2015-11-26 09:56:10 +01:00
8e9adf3d09
Version bump to 5.4.0dr1
2015-11-16 16:36:50 +01:00
722714bdfe
Version bump to 5.3.4
2015-11-16 13:22:25 +01:00
ef4279f2e5
utils: Provide a fallback for sigwaitinfo() if needed
...
Apparently, not available on Mac OS X 10.10 Yosemite. We don't provide
this on Windows.
2015-11-13 18:24:45 +01:00
bec682e1da
Version bump to 5.3.4rc1
2015-11-13 12:18:28 +01:00
0748517582
Version bump to 5.3.4dr3
2015-11-10 16:54:38 +01:00
32ebb56c5b
configure: Load sha1 and random plugins in manager by default
...
If the openssl plugin is not enabled we need these to generate session
IDs and to authenticate the users.
The md4 plugin is not needed in the manager.
Fixes #1168 .
2015-11-09 11:03:47 +01:00
f1f7134ecb
Version bump to 5.3.4dr2
2015-11-06 16:07:04 +01:00
6590298dad
Version bump to 5.3.4dr1
2015-11-04 19:42:17 +01:00
a488584b5f
Implemented SHA-3 hash algorithm including test vectors
2015-11-03 21:35:09 +01:00
a215008c11
Version bump to 5.3.3
2015-09-06 15:05:36 +02:00
01604016f7
Version bump to 5.3.3rc2
2015-09-01 13:16:43 +02:00
5de8703ee0
Version bump to 5.3.3rc1
2015-08-25 15:10:13 +02:00
46686372c6
Version bump to 5.3.3dr6
2015-08-19 07:18:30 +02:00
b48ffcb1b3
Implemented HCD IMC and IMV
2015-08-18 21:25:38 +02:00
6ef4668626
pki: Add --dn command to extract the subject DN of a certificate
2015-08-17 11:34:01 +02:00
6d9cd1d66b
utils: Check for dirfd(3)
...
Not all POSIX compatible systems might provide it yet. If not, we close
the lowest FD to close and hope it gets reused by opendir().
2015-08-17 11:19:48 +02:00
f25f4192c7
utils: Directly use syscall() to close open FDs in closefrom()
...
This avoids any allocations, since calling malloc() after fork() is
potentially unsafe.
Fixes #990 .
2015-08-17 11:19:44 +02:00
cdd7d2b197
Version bump to 5.3.3dr5
2015-08-16 09:04:42 +02:00
16c4dd8f26
Version bump to 5.3.3dr4
2015-08-10 07:48:14 +02:00
3103c68210
configure: Explicitly disable unused parameter warnings in qsort_r test
...
When compiling with -Wextra (and without disabling these warnings
globally) the tests would otherwise fail due to the unused arguments in
the cmp() functions.
Fixes #1053 .
2015-08-04 19:08:30 +02:00
e0d3a2a873
Version bump to 5.3.3dr3
2015-07-31 17:47:14 +02:00
41458e3362
Version bump to 5.3.3dr2
2015-07-28 14:28:58 +02:00
41aa7eb531
Version bump to 5.3.3dr1
2015-07-21 23:15:36 +02:00
29e3544f1f
libipsec: Add a unit-test test runner
2015-07-12 13:54:08 +02:00
42459b41f0
configure: Check if building against a x86/x64 architecture
...
This allows us to include compiler flags specific for them, such as MMX/SSE.
2015-06-29 17:32:14 +02:00
370fb3feb0
chapoly: Provide a generic ChaCha20/Poly1305 AEAD supporting driver backends
2015-06-29 17:32:14 +02:00
3ea5d437fb
Version bump to 5.3.2
2015-06-08 09:56:34 +02:00
f284c17890
Version bump to 5.3.1
2015-06-01 09:50:48 +02:00
d6b75c9563
List attribute request entries also during build
2015-05-24 09:17:29 +02:00
f16f792e17
vici: Make installation of Ruby Gem and Python Egg optional
...
Installing them might not work well when building distro packages (e.g.
with DESTDIR installs). It might be easier to install them later with a
script in the distro package.
When building from source on the local system it could still be useful to
install the packages directly, which can be enabled with separate configure
options.
The main problem with DESTDIR installations of the Python Egg is that
easy_install creates or modifies a file called easy-install.pth in the
installation directory. So it's not actually possible to simply copy
the results in DESTDIR over to the actual system as that file would have
to be merged with any existing one.
Fixes #914 .
2015-05-21 17:22:01 +02:00
17a2e00a31
Version bump to 5.3.1dr1
2015-04-24 11:35:42 +02:00
78c04b5d4d
aesni: Provide a plugin stub for AES-NI instruction based crypto primitives
2015-04-15 11:35:26 +02:00
036c7b63c0
configure: Check for __int128 type support
2015-04-14 12:03:40 +02:00
ef5f96366e
Version bump to 5.3.0
2015-03-27 20:56:44 +01:00
cf9befcba4
Version bump to 5.3.0rc1
2015-03-23 23:15:31 +01:00
07302b2f7c
configure: Check optional py.test availability when building with python eggs
2015-03-18 13:59:15 +01:00
2c8c52c4e2
vici: Include python package in distribution
2015-03-18 13:59:14 +01:00
374b3db191
configure: Add --enable-python-eggs and --with-pythoneggdir options
...
Detect easy_install for Python egg installation to install any egg we provide
in strongSwan.
2015-03-18 13:59:13 +01:00
afc1b67344
Version bump to 5.3.0dr2
2015-03-16 17:15:58 +01:00
1735d80f38
files: Add simple plugin to load files from file:// URIs
2015-03-09 16:08:52 +01:00
4e92441d0c
Remove obsolete _updown_espmark script
...
According to NEWS it was created to support kernels < 2.6.16.
2015-03-06 16:51:50 +01:00
c6595222d6
Version bump to 5.3.0dr1
2015-02-26 09:12:54 +01:00
89b60e9fd7
configure: Use pkg-config to detect libiptc used by connmark/forecast
...
This ensures the library is available. On Debian/Ubuntu it is a dynamic
library provided by the iptables-dev package.
2015-02-23 12:35:28 +01:00
e5ad2e6614
forecast: Add the broadcast/multicast forwarding plugin called forecast
2015-02-20 16:34:55 +01:00
8c2290dcf9
connmark: Add a plugin stub
2015-02-20 15:33:59 +01:00
124490a8e0
unit-tester: Drop the old unit-tester libcharon plugin
...
While it has some tests that we don't directly cover with the new unit tests,
most of them require special infrastructure and therefore have not been used
for a long time.
2015-02-20 13:34:55 +01:00
1f29cd2c5d
libcharon: Add a test runner
2015-02-20 13:34:55 +01:00
82e4b83378
attr-sql: Move plugin to libcharon
2015-02-20 13:34:55 +01:00
c6c7f97a1d
attr: Move plugin to libcharon
2015-02-20 13:34:54 +01:00
6bfd1fbb71
resolve: Move plugin back to libcharon
...
Since pluto is gone, all existing users build upon libcharon.
2015-02-20 13:34:54 +01:00
482810141c
configure: Load SQL backends after crypto plugins
...
If the MySQL client library is linked against OpenSSL the mysql plugin
will cause a segmentation fault when it is unloaded after the openssl
plugin has already been deinitialized. This is very similar to the issues
with curl (see 44b6a34d43Fixes #814 .
2015-02-10 16:08:09 +01:00
e9878d72db
Version bump to 5.2.2
2014-12-23 15:40:02 +01:00
374b569ed0
pki: Add simple PKCS#12 display command
2014-12-12 13:11:29 +01:00
a23d3073e3
pki: Load hmac plugin which is required to decrypt PKCS#12 containers
2014-12-12 13:11:29 +01:00
dce6f69546
Version bump to 5.2.2rc1
2014-12-12 12:00:20 +01:00
700df23886
bliss: Fix monolithic build
...
This requires moving test files so that the Makefile for the tests can be
included after building libstrongswan, which requires the plugin when
building monolithically. Due to this a static helper library is required
as directly referring to object files (or source files) is not possible.
It's also necessary to avoid any link-time dependency on libstrongswan in
bliss_huffman, to avoid circular dependencies (bliss_huffman -> libstrongswan
-> bliss -> bliss_huffman).
2014-12-12 12:00:20 +01:00
32d19652f1
Version bump to 5.2.2dr1
2014-11-29 15:00:10 +01:00
9d5b91d198
Created framework for BLISS post-quantum signature algorithm
2014-11-29 14:51:14 +01:00
385d4486ba
libhydra: Add test runner
2014-10-30 12:32:44 +01:00
4b1b91913a
Version bump to 5.2.1
2014-10-18 12:12:17 +02:00
4e37bdbf57
kernel-pfroute: Check for RTM_IFANNOUNCE availability
...
This message is not available on OS X.
2014-10-14 16:33:10 +02:00
f684be6583
vici: Use "gem"-assisted vici ruby gem building and installation
2014-10-10 11:42:17 +02:00
409f1fc144
configure: Add global --enable-ruby-gems and --with-rubygemdir options
...
This provides the options to build and install ruby gems for components
providing them, such as vici.
2014-10-10 11:42:17 +02:00
f83215bbdb
version bump to 5.2.1rc1
2014-10-06 23:14:13 +02:00
b2c1973ffb
ext-auth: Add an ext-auth plugin invoking an external authorization script
...
Original patch courtesy of Vyronas Tsingaras.
2014-10-06 18:30:46 +02:00
d6fb2cc6e3
Merged libpts into libimcv
2014-10-05 12:55:37 +02:00
44b6a34d43
configure: Load fetcher plugins after crypto base plugins
...
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.
We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
2014-09-24 17:34:54 +02:00
0097141858
init: Provide a service file for charon-systemd using swanctl
2014-09-22 14:19:38 +02:00
b2f76c514d
systemd: Check if ./configure detected a systemd system unit directory
2014-09-22 14:19:38 +02:00
db8ae75bf6
systemd: Discover and check systemd libraries with pkg-config during configure
2014-09-22 14:19:38 +02:00
73ed38e74f
systemd: Provide a charon-systemd daemon targeting full systemd integration
2014-09-22 13:55:11 +02:00
b04f40406d
configure: Add additional includes when checking for linux/fib_rules.h
...
This seems to be required on Cent OS 6.5.
2014-08-11 18:40:18 +02:00
fafed376e7
imv-swid: Use pkg-config to check for libjson-c
...
The package/library is called libjson-c on recent distributions.
Some like Ubuntu 14.04 provide symlinks with the old name but these
will eventually disappear. Using pkg-config allows us to easily check
for it (with a fallback) and configure the proper compiler flags.
Fixes #663 .
2014-07-30 16:57:00 +02:00
13ec4cf2ad
Version bump to 5.2.1dr1
2014-07-16 15:59:56 +02:00
af494268fb
Version bump to 5.2.0
2014-07-08 15:24:31 +02:00
38f27e172c
conf: Document swanctl options
2014-06-30 13:25:13 +02:00
4d066ef7fc
conf: Document aikgen options
2014-06-30 13:25:13 +02:00
3986c1e3fd
autoconf: Replace --disable-tools option with --disable-scepclient
...
Since using a separate option for pki this was the only tool that was still
enabled by that option.
2014-06-30 13:25:13 +02:00
566d1a90cd
Remove kernel-klips plugin
2014-06-19 14:20:33 +02:00
f245ac6cc0
starter: Add tests for ipsec.conf parser
2014-06-19 14:00:48 +02:00
b16e177e06
Version bump to 5.2.0rc1
2014-06-15 11:40:15 +02:00
bd19e27ae3
windows: Do not check if having clock_gettime()
...
Windows does not have it, but libwinpthread has. If this library is available
during build, it will be linked, which we prefer to avoid.
2014-06-06 15:34:12 +02:00
9d228ddb04
Version bump to 5.2.0dr6
2014-06-06 11:18:17 +02:00
f48c26bce3
pki: Support complex trustchain and revocation checking in --verify
2014-06-04 16:34:16 +02:00
6f90fc8061
winhttp: Implement a http(s) fetcher based on Microsofts WinHTTP API
2014-06-04 16:34:15 +02:00
00780f0238
kernel-iph: Add a stub for a Windows IP Helper based networking backend
2014-06-04 16:32:07 +02:00
8d91eee3fc
kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backend
2014-06-04 16:32:05 +02:00
fb0b539084
socket-win: Implement a Windows socket plugin using Winsock2
2014-06-04 16:31:09 +02:00
3b7b806d27
windows: Compile with -mno-ms-bitfields if option not set explicitly
...
-mms-bitfields is the default in newer MinGWs, but it breaks
__attribute__((packed)).
2014-06-04 15:53:13 +02:00
0ca8541564
configure: Fix attribute((packed)) test when using -Werror
2014-06-04 15:53:13 +02:00
3ab6082a0f
configure: Mark conftest variable as unused to pass test with -Werror
...
When using -Werror, the warning for the unused variable would let the test fail,
even if in6addr_any is available.
2014-06-04 15:53:13 +02:00
2d42dce4a4
configure: Don't use -rdynamic with the LLVM toolchain
2014-06-04 15:53:13 +02:00
5cd28cd25a
pki: Provide a fallback if strptime() not supported
...
For simplicity, we support the default pki datetime format only, but optionally
accept four digit years for longer lifetimes.
2014-06-04 15:53:11 +02:00
b70849ada2
configure: Separate pki from --disable-tools
...
While pki builds and runs just fine on Windows, this is not true for scepclient.
2014-06-04 15:53:08 +02:00
4161ee6678
configure: Check if __attribute__((packed)) works as expected
...
This is really hard to detect if not, and is not unlikely. If -mms-bitfields
is given, the attribute does not work. Even worse, that switch is by default
on with GCC/MinGW 4.7+ for Windows targets.
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52991
2014-06-04 15:53:08 +02:00
ee2498e3d6
bus: Build syslog logger depending on syslog() availability
2014-06-04 15:53:05 +02:00
8e1c0d15a9
mysql: Add Windows support
...
As the mysql_config script is not available for Windows, we use a hardcoded
library name and no additional CFLAGS. This builds fine against the binary
MySQL Connector/C distribution.
2014-06-04 15:53:04 +02:00
df4341747c
charon-svc: Implement a Windows IKE service using libcharon
...
The resulting binary can be either run as Windows service or directly as
console application.
2014-06-04 15:53:04 +02:00
b9dca7057c
filelog: Ignore flush_line option if setlinebuf() not supported
2014-06-04 15:53:04 +02:00
c6503d451a
charon: Don't use syslog() if not supported
2014-06-04 15:53:03 +02:00
396baeaea2
windows: Never link to libpthread
2014-06-04 15:53:03 +02:00
b7a4d44bd0
openssl: Check and link against libeay32 instead of libcrypto on Windows
...
Most Windows OpenSSL builds come with the crypto library named libeay32.
2014-06-04 15:53:02 +02:00
4163421f91
plugins: Don't link with -rdynamic on Windows
2014-06-04 15:53:02 +02:00
a7e943a640
backtrace: Add DbgHelp based Windows support for creating/printing backtraces
2014-06-04 15:52:57 +02:00
ce24e0d3e5
configure.ac: Define USE_WINDOWS for Automake when building for Windows
2014-06-03 12:24:34 +02:00
bee82725eb
Check for libjson
2014-05-31 20:37:56 +02:00
e2c9f6ce04
Version bump to 5.2.0dr5
2014-05-31 20:37:26 +02:00
6becc59dc8
Version bump to 5.2.0dr4
2014-05-14 09:57:08 +02:00
92b5626055
Version bump to 5.2.0dr3
2014-05-12 07:39:33 +02:00
85d26e0c87
swanctl: Add a swanctl command overview manpage
2014-05-07 15:48:17 +02:00
b18191ba0f
swanctl: Generate swanctl.conf(5) man page
2014-05-07 15:48:16 +02:00
7c8a907895
swanctl: Use a ./configure-able swanctl base directory
2014-05-07 15:48:14 +02:00
e381e69f9b
swanctl: Add a stub for a vici based configuration and control utility
2014-05-07 15:48:10 +02:00
6770cfe34a
vici: Add a plugin stub for the "Versatile IKE Control Interface" plugin
2014-05-07 14:13:34 +02:00
a0c2370ea5
utils: Enable __atomic* built-ins based on the GCC version
...
This solves a problem with GNAT when compiling charon-tkm as __atomic*
built-ins are only provided in GCC 4.7 and newer.
Currently GNAT 4.6 and GCC 4.7.2 is shipped with Debian wheezy (stable),
as used in the testing environment. So while the configure script correctly
detected the __atomic* built-ins, and defined HAVE_GCC_ATOMIC_OPERATIONS,
this define turned out to be incorrect when charon-tkm was later built
with GNAT.
2014-05-04 19:16:46 +02:00
9be1c8d175
aikgen generates AIK private/public key pairs
...
aikgen outputs a binary AIK private key blob and the AIK public key.
Optionally the Identity Request encrypted with the public key of
the Privacy CA can be output.
2014-05-03 15:28:17 +02:00
f2eb226653
Version bump to 5.2.0dr2
2014-04-27 19:15:11 +02:00
0f603d425d
utils: Use GCC's __atomic built-ins if available
...
These are available since GCC 4.7 and will eventually replace the __sync
operations. They support the memory model defined by C++11. For instance,
by using __ATOMIC_RELAXED for some operations on the reference counters we
can avoid memory barriers, which are required by __sync operations (whose
memory model essentially is __ATOMIC_SEQ_CST).
2014-04-24 17:54:14 +02:00
6d1b4b6baf
Version bump to 5.2.0dr1
2014-04-15 09:20:38 +02:00
266fcdce2b
Version bump to 5.1.3
2014-04-14 15:18:38 +02:00
c0efaaebe3
tls: Create a unit-test runner
2014-04-01 14:28:55 +02:00
dbd4fc074a
openac: Remove obsolete openac utility
...
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
5ac0e66879
acert: Implement a plugin finding, validating and evaluating attribute certs
...
This validator checks for any attribute certificate it can find for validated
end entity certificates and tries to extract group membership information
used for connection authorization rules.
2014-03-31 11:14:58 +02:00
6e8c665a51
pki: Add acert and extend pki/print manpages
2014-03-31 11:14:58 +02:00
045f25fc81
Version bump to 5.1.3rc1
2014-03-26 22:00:00 +01:00
4ffe02a75d
configure: Add an option to select a specific printf hook implementation
2014-03-20 15:49:05 +01:00
0e6f3a380a
configure: Add an option to enable all optional features/plugins
...
This has probably no real practical use, but it simplifies testing.
2014-03-20 15:29:27 +01:00
1c26ce2dc3
configure: Reorder and group feature options
2014-03-20 15:29:27 +01:00
9483f8ec59
Version bump to 5.1.3dr1
2014-03-07 21:56:34 +01:00
af15c71bfb
configure: Fix autoreconf with older autotools
...
Older autoconf versions (e.g. on CentOS 6.5) produce an empty else block
for the removed empty argument, which the shell then trips over when
executing ./configure.
Fixes #536 .
2014-03-03 17:14:26 +01:00
1d252e9dec
Version bump to 5.1.2
2014-02-27 22:46:52 +01:00
2ed241aeb3
utils: Add memrchr(3) replacement for platforms that don't support it
...
For instance, on Mac OS X memrchr(3) is not provided by the C library.
2014-02-26 11:05:07 +01:00
8f57961f4c
Version bump to 5.1.2rc2
2014-02-17 12:02:23 +01:00
7573a7ed56
conf: Only install config snippets for enabled components
2014-02-12 14:34:34 +01:00
c4bb26b849
conf: Split strongswan.conf(5) man page and use generated snippet
2014-02-12 14:34:33 +01:00
Tobias Brunner