Commit Graph

5706 Commits

Author SHA1 Message Date
Andreas Steffen 7ea87db00d added some more TLS debug output 2010-08-05 09:51:05 +02:00
Andreas Steffen 7030e3950a fixed type in cipher suite list build 2010-08-05 01:26:10 +02:00
Andreas Steffen 4657b3a42a log selected TLS version and cipher suite 2010-08-05 01:21:59 +02:00
Andreas Steffen 289c9ac3d7 log TLS handshake messages in debug level 2 2010-08-04 16:55:55 +02:00
Tobias Brunner 744b83c7c9 Fixed loading of secrets with IDs.
Since the ID string is manually terminated by a null character, write
permission is required for the mmapped ipsec.secrets.
2010-08-04 16:03:46 +02:00
Tobias Brunner dca2d89209 Fixed loading of private keys without password.
The chunk storing the password was not correctly initialized, resulting
in a segmentation fault when no password was specified in ipsec.secrets.
2010-08-04 14:22:48 +02:00
Tobias Brunner 83628fd600 Accept EAP_ONLY_AUTHENTICATION notifies from any client, now that IANA allocated an ID. 2010-08-04 12:58:53 +02:00
Andreas Steffen 8e7920eea1 generated aaa certificate 2010-08-04 12:44:47 +02:00
Tobias Brunner 12549bedea IKEv2 notification types updated. 2010-08-04 10:06:00 +02:00
Martin Willi e82186fb5a Reimplemented mem pool to support multiple leases for a single identity 2010-08-04 09:49:59 +02:00
Martin Willi 6e4f4d2fdf Save/Load state of PKCS#11 hasher 2010-08-04 09:26:22 +02:00
Martin Willi 83e52fd12d Register hmac/xcbc algorithms after potentially underlying PKCS#11 2010-08-04 09:26:22 +02:00
Martin Willi a3aeb89227 Do initial slot enumeration manually 2010-08-04 09:26:22 +02:00
Martin Willi 0f0fc891d8 Implemented hasher_t using PKCS#11 2010-08-04 09:26:22 +02:00
Martin Willi 66267ea515 Defer certificate loading until all PKCS#11 modules are loaded 2010-08-04 09:26:21 +02:00
Martin Willi 65858b83f8 Destroy IKE_SA Manager's crypto primitives during flush, the plugins are gone in destroy 2010-08-04 09:26:21 +02:00
Martin Willi 5a27bf8ad8 Provide a public PKCS#11 mechanism enumerator 2010-08-04 09:26:21 +02:00
Martin Willi efab731338 Added PKCS#11 private key support to the pki tool 2010-08-04 09:26:21 +02:00
Martin Willi 089d554a01 The pki tool uses a callback credential set to read in passphrase/PIN 2010-08-04 09:26:21 +02:00
Martin Willi 0d08ebe7ac Pass type of requested key in the callback credential set 2010-08-04 09:26:21 +02:00
Martin Willi af007ed68a Support PKCS#11 keys requiring reauthentication for each operation 2010-08-04 09:26:21 +02:00
Martin Willi 199b17122d Do not try to log in if we already have a user session 2010-08-04 09:26:21 +02:00
Martin Willi 15177f5785 Obsoleted BUILD_PASSPHRASE(_CALLBACK) for private key loading, use credential sets 2010-08-04 09:26:21 +02:00
Martin Willi 3429be9514 Use a dedicated build part for challenge passwords, BUILD_PASSPHRASE gets obsolete 2010-08-04 09:26:21 +02:00
Martin Willi 0556667dca Use credential sets to load smartcard keys 2010-08-04 09:26:21 +02:00
Martin Willi 70789d28a1 Handle PIN: as a magic keyword for prompt, use getpass() to silently read credentials 2010-08-04 09:26:21 +02:00
Martin Willi 62be923683 Implemented a callback based credential set, currently for shared keys only 2010-08-04 09:26:21 +02:00
Martin Willi 0749e91bec Implemented a generic in-memory credential set, currently for shared keys only 2010-08-04 09:26:21 +02:00
Martin Willi 9587ece534 mmap() ipsec.secrets instead of malloc(), proper error checking 2010-08-04 09:26:21 +02:00
Martin Willi 947298b302 Split up the load_secrets() function 2010-08-04 09:26:21 +02:00
Martin Willi 1e4e29076c Updated ipsec.secrets.5 regarding IKEv2 smartcard support 2010-08-04 09:26:21 +02:00
Martin Willi 57522106c4 %prompt support for smartcard PIN via "ipsec secrets" 2010-08-04 09:26:20 +02:00
Martin Willi a0bdd5d63e Implemented callback PIN invocation for PKCS#11 login 2010-08-04 09:26:20 +02:00
Martin Willi 7afc00d03c Implemented keyid discovery on all modules/slots 2010-08-04 09:26:20 +02:00
Martin Willi 0b8b664056 Pass the PKCS11 keyid as chunk, not as string 2010-08-04 09:26:20 +02:00
Martin Willi 353d10d590 Reuse generic passphrase build part, not a dedicated PIN part 2010-08-04 09:26:20 +02:00
Martin Willi 5f1e4438cb Implemented private key on top of a PKCS#11 token 2010-08-04 09:26:20 +02:00
Martin Willi d007ce3206 Extended the PKCS#11 object enumerator by attribute retrieval 2010-08-04 09:26:20 +02:00
Martin Willi ddbac66028 Use the PKCS#11 object enumerator 2010-08-04 09:26:20 +02:00
Martin Willi 9baa41c52d Implemented a generic PKCS#11 object enumerator 2010-08-04 09:26:20 +02:00
Martin Willi cd251d9a21 Unload plugins in reverse order 2010-08-04 09:26:20 +02:00
Martin Willi 3479c27931 Support module names in %smartcard specifier, streamlined smartcard building 2010-08-04 09:26:20 +02:00
Martin Willi 36c852a08b Added enumerator for PKCS#11 tokens 2010-08-04 09:26:20 +02:00
Martin Willi fe876b24d9 Handle NOT_SUPPORT return value from WaitForSlot 2010-08-04 09:26:20 +02:00
Martin Willi 66033012c9 Reenabled dlclose 2010-08-04 09:26:20 +02:00
Martin Willi a6d2ec331b Implemented a credential set on top of a PKCS#11 token 2010-08-04 09:26:20 +02:00
Martin Willi 50a9e84540 Added NSPR PR_CallOnce to leak detective whitelist 2010-08-04 09:26:20 +02:00
Martin Willi 044e0dd1b1 Added buffer checking variants of syslog functions to leak detective 2010-08-04 09:26:20 +02:00
Martin Willi c281a427e0 Moved gmp plugin before users of it 2010-08-04 09:26:19 +02:00
Martin Willi fdd7e21225 Added a token add/remove callback function to the manager 2010-08-04 09:26:19 +02:00