Andreas Steffen
d4a1ae3af1
allow retrieval of private keys from other credential sets
2013-04-02 08:55:40 +02:00
Andreas Steffen
c2c4125cde
improve checking of sent and received http messages
2013-04-02 08:55:40 +02:00
Tobias Brunner
96ad2b17b0
Updated strongswan.conf(5) man page
2013-04-01 16:56:47 +02:00
Tobias Brunner
eca499f3d9
Load raw keys before possibly destroying the identity
...
If no identity (or %any) is configured the identification_t object is
destroyed and an invalid object was associated with the created pubkey
certificate.
Actually using %any does not work as the certificate would not match
when the client later provides an identity.
2013-04-01 13:48:34 +02:00
Tobias Brunner
a009aedb0b
ipseckey: Use proper daemon name for enable option
2013-04-01 13:46:09 +02:00
Tobias Brunner
53ac177cde
Properly handle situation if no resolver plugins are loaded
2013-04-01 13:44:04 +02:00
Andreas Steffen
5a516a83da
fixed capability metadata
2013-03-31 22:15:42 +02:00
Andreas Steffen
fec7c824b8
fix start of wpa_supplicant
2013-03-31 19:48:07 +02:00
Andreas Steffen
0cf4dc53c7
updated strongswan.conf man page for tn_ifmap plugin
2013-03-31 19:05:53 +02:00
Andreas Steffen
45e2be2399
renamed tnc_ifmap2 plugin to tnc_ifmap
2013-03-31 16:37:30 +02:00
Andreas Steffen
bde8e287d9
removed obsoleted tnc_ifmap plugin
2013-03-31 16:07:08 +02:00
Andreas Steffen
4581767493
implemented http basic authentication
2013-03-31 15:59:32 +02:00
Andreas Steffen
e8675cb35d
parse IF-MAP server URI
2013-03-31 11:39:06 +02:00
Andreas Steffen
4f4875ff13
implemented publish_enforcement_report and endSession methods
2013-03-30 13:19:27 +01:00
Andreas Steffen
628fee4563
implemented publish_ike_sa method
2013-03-30 09:15:16 +01:00
Andreas Steffen
c6f9b1fb1f
ifmap message type is known
2013-03-30 08:22:33 +01:00
Andreas Steffen
b02bdc1e06
implemented publish_device_ip method
2013-03-30 08:11:10 +01:00
Andreas Steffen
14bf3cc1bd
added IF-MAP SOAP error handling
2013-03-30 08:10:39 +01:00
Andreas Steffen
cd13c9a90f
created tnc_ifmap2_soap_msg class
2013-03-29 23:09:11 +01:00
Andreas Steffen
b885c3cde6
implement NewSession and PurgePublisher messages using the libxml2 library
2013-03-29 22:29:12 +01:00
Andreas Steffen
e99aab35de
set up a new IF-MAP session
2013-03-29 09:42:06 +01:00
Andreas Steffen
5a8dd63433
fixed typo
2013-03-27 22:56:37 +01:00
Tobias Brunner
54781f5f34
Fixed Doxygen comment in eap_radius plugin
2013-03-27 11:08:55 +01:00
Tobias Brunner
ae8ac58c45
Fix detection and use of netinet/ip6.h on FreeBSD
2013-03-27 09:56:48 +01:00
Tobias Brunner
613fb0b494
Don't set USE_ATTR_SQL when the sql plugin is enabled only
2013-03-27 07:47:53 +01:00
Tobias Brunner
419a9a4fcd
Make some private functions in plugins static
...
Fixes monolithic build.
2013-03-27 07:32:55 +01:00
Martin Willi
c59f3dcb68
Use new strongSwan HA kernel patchset keeping iptables ABI
...
Allows us to install stock debian iptables without the need for patching and
compiling our own.
2013-03-26 10:31:29 +01:00
Martin Willi
b5f3c1f785
Define SSHCONF from strongswan testing directory, not TESTDIR
...
This fixes the use of SSHCONF in the ssh wrapper script before ./do-tests
had a chance to create the required symlinks.
2013-03-26 10:31:29 +01:00
Martin Willi
0ba8842348
Lazy unmount guest filesystem after building image, as it still might be busy
2013-03-26 10:31:29 +01:00
Tobias Brunner
51caeeb161
crypt_burn: Proper cleanup
2013-03-25 18:40:32 +01:00
Tobias Brunner
d4f2f3dd7f
crypt_burn: Fix loop condition for regular crypters
2013-03-25 18:40:31 +01:00
Tobias Brunner
f2e6a67ed9
libpts: Cast first argument for %.*s to int
2013-03-25 18:40:27 +01:00
Tobias Brunner
237bb5d467
error-notify: Close file descriptors in case clients are still connected
2013-03-25 18:34:54 +01:00
Tobias Brunner
2467c46856
libpttls: Destroy reader when handling errors during SASL
2013-03-25 18:33:57 +01:00
Tobias Brunner
acbe87787b
pacman: Define gen_time out of the loop
...
It gets assigned if count==3 but only used later when count >= 7.
2013-03-25 17:13:49 +01:00
Tobias Brunner
38c410b1aa
ipseckey: NULL pointer dereference fixed in error case
2013-03-25 17:02:45 +01:00
Reto Buerki
f7fea72e46
Recipes: Disable Anet unit tests
...
Some Anet unit tests may fail because of the network configuration on
the testing host. These failures do not indicate a problem in Anet but
are a result of unpredictable events.
2013-03-25 16:49:30 +01:00
Tobias Brunner
cf95d2926c
Fixed some typos, courtesy of codespell
2013-03-25 10:59:37 +01:00
Andreas Steffen
7e20062fdf
Added hostapd package to base image
2013-03-22 23:53:39 +01:00
Andreas Steffen
8f72ba4aff
Added Framed-IP-Address information to RADIUS accounting records
2013-03-22 23:52:01 +01:00
Andreas Steffen
9fa9f68d8d
enforce singular of packets
2013-03-22 21:14:04 +01:00
Tobias Brunner
48d82a7dc7
asprintf(3) requires _GNU_SOURCE to be defined
2013-03-22 19:42:15 +01:00
Andreas Steffen
0b6c43f038
Added ikev2/rw-eap-framed-ip-radius scenario
2013-03-22 19:08:42 +01:00
Andreas Steffen
4a3c1cdc2b
Store debug output from standalone IMC/IMVs
2013-03-22 16:45:24 +01:00
Andreas Steffen
1eada67bcb
Added ikev2/ip-two-pools-v4v6-db scenario
2013-03-22 12:18:43 +01:00
Tobias Brunner
79306b7e6e
Use proper integer types when handling TLS exchanges
...
tls_t.build takes a size_t argument not a ssize_t.
2013-03-22 11:40:57 +01:00
Tobias Brunner
03237238b8
Check return value of asprintf(3) when converting AR identity
...
Using chunk_t.ptr as target was also not optimal as it resulted in
a compiler warning.
2013-03-22 11:34:16 +01:00
Andreas Steffen
753e0a0099
version bump to 5.0.3rc1
2013-03-22 10:38:25 +01:00
Andreas Steffen
a1bc67d6c9
Switch encoding of AR Identity Value from binary to UTF-8
2013-03-22 10:37:49 +01:00
Reto Buerki
3db17b0ccc
Fixed TKM build
2013-03-22 10:35:48 +01:00