Andreas Steffen
078ce348ae
IKEv1 rightallowany flag introduced
2007-06-20 09:46:54 +00:00
Martin Willi
cbbb71c4ac
don't modify des/3des input key anymore
2007-06-19 07:56:28 +00:00
Martin Willi
6835280041
fixed virtua IP: adding virtual IP to interface address list cache directly
...
corrected debug targets
2007-06-19 06:20:33 +00:00
Andreas Steffen
280f6b1ab2
set nexthop to him when instantiating rightallowyes template with leftnexthop == right
2007-06-18 20:07:47 +00:00
Andreas Steffen
d0f55e236d
support of right|leftallowany flag
2007-06-18 17:51:45 +00:00
Andreas Steffen
571bca865b
added dynamic DNS scenarios
2007-06-18 17:50:54 +00:00
Martin Willi
3b04350ab2
added extensions management to IKE_SA
...
fixed NATD payload (port) when using route lookup
2007-06-18 10:32:01 +00:00
Martin Willi
7068410b6f
source address lookup in kernel interface
...
use it for NAT detection if no source address known from config
support for %any...%any connections
2007-06-18 07:25:58 +00:00
Martin Willi
209c2e9049
support for left=%any change our address dynamically
2007-06-18 05:57:59 +00:00
Martin Willi
ca68a75eaf
increased receive buffer to handle more interfaces
2007-06-18 05:56:18 +00:00
Andreas Steffen
174c9e18c1
eliminated nexthop
2007-06-17 15:29:49 +00:00
Andreas Steffen
2dc0366994
fixed typo
2007-06-16 20:22:05 +00:00
Andreas Steffen
0c8e0615aa
recognize strongswan-2.8.5 VID
2007-06-16 20:21:14 +00:00
Martin Willi
08a8f4496f
implemented more flexible iterator hook API
...
kernel interface handles interface changes and updates address list
2007-06-15 13:23:18 +00:00
Martin Willi
02b3ec0a10
implemented address change notification (for MOBIKE)
...
implemented up to date address list cache to list interfaces
2007-06-14 15:16:15 +00:00
Martin Willi
fede28be8b
fixed memleak when initiating to %any
2007-06-14 08:44:19 +00:00
Martin Willi
04f4e82d53
added missing files to the last commit
2007-06-14 08:17:23 +00:00
Martin Willi
26424f03c3
proper reauthentication:
...
IKE_SA is closed completely before the new is initiated,
resolves some issues when a dynamic IP is requested from a pool
2007-06-14 08:13:05 +00:00
Martin Willi
eda454a261
case insensitive identification_t.equals() for FQDN and RFC822ADDR
2007-06-14 07:02:01 +00:00
Martin Willi
424e0c467e
ported interfaces to new threading functions (incomplete)
2007-06-11 14:24:32 +00:00
Martin Willi
5e564f2bff
added setsid() to properly detach from console
2007-06-11 12:21:12 +00:00
Martin Willi
432b298e40
documentation fixes and updates
2007-06-11 12:11:41 +00:00
Martin Willi
9fe1a1ca76
introduced callback_job:
...
simple asynchronous method invocation
use daemons thread pool for all threads
proper cancellation and cleanups
cancellation mechanism to dynamically unload multithreaded code
unified event_queue and scheduler => scheduler
unified job_queue and thread_pool => processor
removed job_type_t, not really needed
fixes here, there and everywhere
2007-06-11 10:57:19 +00:00
Andreas Steffen
aca0317d92
removed all nexthop statements
2007-06-10 18:52:14 +00:00
Martin Willi
9cc7a29786
disabling leak detective at runtime by setting LEAK_DETECTIVE_DISABLE env var
2007-06-08 07:21:03 +00:00
Andreas Steffen
b9659a50dc
version bumps to linux 2.6.21.3 kernel and strongswan 4.1.4
2007-06-08 07:11:06 +00:00
Andreas Steffen
ed1813ff6f
added x as a wildcard for number of tests
2007-06-08 07:10:00 +00:00
Andreas Steffen
0b455e2e7b
pass eroutes now need explicit routes
2007-06-08 07:06:10 +00:00
Andreas Steffen
b7af55ac87
no need for left|rightnexthop parameter any more
2007-06-08 07:03:14 +00:00
Andreas Steffen
7a1f49c314
do not delete existing routes with NETKEY
2007-06-08 07:01:17 +00:00
Andreas Steffen
e93c68ba0d
_updown inserts routes only if a sourceip is defined
2007-06-06 13:37:43 +00:00
Andreas Steffen
ef01451916
insert route only in case of sourceip
2007-06-06 13:30:27 +00:00
Andreas Steffen
9bac1d6640
do not print nexthop in ipsec status[all]
2007-06-06 13:16:48 +00:00
Martin Willi
8e481be97a
included patch from Rene Mayrhofer to respect DESTDIR in make install
2007-06-06 05:55:18 +00:00
Andreas Steffen
d0a6ed9a3c
version bump to 4.1.4
2007-05-26 19:07:39 +00:00
Andreas Steffen
b5463662d2
version bump to 4.1.4
2007-05-26 19:05:34 +00:00
Andreas Steffen
ad8c6c60dc
moved assignment of CERT_UNKNOWN
2007-05-25 14:04:39 +00:00
Andreas Steffen
2b34eafbc0
changed exceeded to reached
2007-05-25 11:42:00 +00:00
Andreas Steffen
3f9834a491
log trust pathlen
2007-05-25 11:41:06 +00:00
Andreas Steffen
3367fa8b74
fixed html output
2007-05-25 11:33:49 +00:00
Andreas Steffen
41e16cf4cf
libfreeswan kernel header problem fixed
2007-05-25 11:17:16 +00:00
Andreas Steffen
89eeedc243
included a certificate label in the is_trusted() method
2007-05-25 11:10:35 +00:00
Martin Willi
998ca0ea9c
updated NEWS for 4.1.3
2007-05-25 11:06:03 +00:00
Andreas Steffen
60b44bbe62
stop dave in posttest.dat
2007-05-25 09:29:10 +00:00
Andreas Steffen
0bc543f1dc
multi-level-ca-strict scenario added
2007-05-25 09:23:24 +00:00
Andreas Steffen
238b92d632
virtual-ip-override scenario added
2007-05-25 09:22:42 +00:00
Andreas Steffen
845cfa025b
stop iptables on dave
2007-05-25 09:22:08 +00:00
Andreas Steffen
f44dbc639b
DBG1 level now shows stepping up through the certifiate hierarchy up to the trust anchor
2007-05-25 08:29:35 +00:00
Andreas Steffen
13b872ebd2
set certinfo status to CERT_UNKNOWN before crl and|or ocsp verification
2007-05-25 08:21:27 +00:00
Andreas Steffen
f2566a3bac
x509_t* argument in get_issuer() method is not constant any more because a short cut to the ca might be set
2007-05-25 08:17:29 +00:00