Andreas Steffen
1b7e081bfa
NEWS for the 4.5.1dr2 release
2010-12-12 10:46:43 +01:00
Andreas Steffen
c2e625514d
some more cosmetics
2010-12-12 10:19:54 +01:00
Andreas Steffen
41216e6518
final cosmetics in PB-TNC debug output
2010-12-12 10:17:43 +01:00
Andreas Steffen
54eb669dd5
implemented PB-TNC message parsing checks
2010-12-12 00:42:31 +01:00
Andreas Steffen
3a4695dc5e
some code optimizations
2010-12-11 00:52:53 +01:00
Andreas Steffen
781730b86a
support handshake retry requests
2010-12-10 23:41:12 +01:00
Andreas Steffen
4ca368d223
the PB-TNC protocol is working
2010-12-10 23:21:13 +01:00
Andreas Steffen
512d2e045f
refactored message handling
2010-12-10 17:09:21 +01:00
Andreas Steffen
af1e3ff567
do not accept results and recommendation messages from clients
2010-12-10 17:04:11 +01:00
Andreas Steffen
7289f4424a
defined some additional Private Enterprise Numbers
2010-12-10 14:58:33 +01:00
Andreas Steffen
5988fc0dfd
define pb_tnc_state_machine_t object
2010-12-10 14:56:40 +01:00
Andreas Steffen
755f2419a5
debug cosmetics
2010-12-10 11:55:02 +01:00
Martin Willi
cf5866b9c0
Renamed purgex509/crl to purgecerts/crls to be consistent with list commands
2010-12-10 11:21:55 +01:00
Andreas Steffen
7e7efa647e
implemented handling of received PB-TNC messages
2010-12-10 11:16:57 +01:00
Martin Willi
6aa144ddb7
Added options to flush CRLs/X509 certs from the cert cache
2010-12-10 09:45:22 +01:00
Andreas Steffen
68fada37b1
refactored PB-TNC state machine in receive direction
2010-12-09 23:38:38 +01:00
Andreas Steffen
7382a639fb
refactored PB-TNC state machine in send direction
2010-12-09 23:18:55 +01:00
Andreas Steffen
4333c48a1b
pb_tnc_batch_t class implements parsing and building of PB-TNC batches
2010-12-09 21:33:12 +01:00
Andreas Steffen
2f942ba67d
fixed memory corruption
2010-12-08 12:15:53 +01:00
Martin Willi
86993d6b90
Never register IKE_SA during checkout_new, as rekeying keeps it checked out
2010-12-07 16:30:38 +01:00
Tobias Brunner
e6f42b0721
Include the destination net in the policy priority calculation.
...
The resulting priorities are as follows:
IPv6 IPv4
routed normal routed normal
max 4096(+3) 2048(+3) 4096(+3) 2048(+3)
min 3072 1024 3840 1792
Where min is for a policy between two single hosts and max is
for /0 on both ends (lower priorities are preferred by the kernel).
(+3) applies for cases where no protocol and no ports are defined.
2010-12-07 12:14:50 +01:00
Andreas Steffen
4332cd7f95
added newline
2010-12-07 09:02:55 +01:00
Andreas Steffen
faccd69068
re-introduced comment
2010-12-07 09:01:28 +01:00
Andreas Steffen
a42aaed64f
Migrated stroke_control_t to INIT/METHOD macros
2010-12-07 08:58:57 +01:00
Andreas Steffen
d31aec9fa7
Migrated stroke_plugin_t to INIT/METHOD macros
2010-12-07 08:01:56 +01:00
Thomas Egerer
76ce213c43
Guarantee entry->other is set when calling put_connected_peers
...
Given the original intent of entry->host, the check for DoS attacks, it
can happen that this value remains NULL when an entry is created. This
is particularly awkward if put_connected_peers is called to check if a
connection to a given peer already exists, since it takes the address
family into consideration (git commit b74219d0) which is gleaned from
entry->host.
This patch guarantees that entry->other is a clone of host before
put_connected_peers is called.
2010-12-06 10:56:57 +01:00
Andreas Steffen
2965eb3cc7
added sql/multi-level-ca scenario
2010-12-05 21:53:43 +01:00
Andreas Steffen
93cbe45c09
stupid typo
2010-12-05 15:48:22 +01:00
Andreas Steffen
fba18c5105
cosmetics
2010-12-05 15:23:18 +01:00
Andreas Steffen
02f08ef910
cosmetics
2010-12-05 15:16:15 +01:00
Andreas Steffen
a6bf8e9118
added parsing checks
2010-12-05 15:01:01 +01:00
Andreas Steffen
58d73d38bc
output TLS-independent error messages
2010-12-05 14:55:18 +01:00
Andreas Steffen
13a7f5f3e3
added certificate_authorities and certificate_distribution_points tables
2010-12-05 11:30:06 +01:00
Andreas Steffen
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
Andreas Steffen
e150442bed
fixed pb_reason_string_message_t class
2010-12-05 11:20:18 +01:00
Andreas Steffen
7e02e49112
Migrated fips_prf plugin to INIT/METHOD macros
2010-12-04 20:56:21 +01:00
Andreas Steffen
c7b778450e
Migrated md4_plugin_t to INIT/METHOD macros
2010-12-04 20:45:49 +01:00
Andreas Steffen
e5e79bd403
Migrated md5_plugin_t to INIT/METHOD macros
2010-12-04 20:43:41 +01:00
Andreas Steffen
1e84aa74aa
Migrated ldap plugin to INIT/METHOD macros
2010-12-04 20:15:59 +01:00
Andreas Steffen
4df49844d9
Migrated pubkey_plugin_t to INIT/METHOD macros
2010-12-04 15:43:04 +01:00
Andreas Steffen
dd621140d3
Migrated pkcs1_plugin_t to INIT/METHOD macros
2010-12-04 11:43:06 +01:00
Andreas Steffen
c742935dac
Migrated curl_plugin_t to INIT/METHOD macros
2010-12-04 11:40:40 +01:00
Andreas Steffen
1bb67ff852
Migrated random plugin to INIT/METHOD macros
2010-12-04 11:37:03 +01:00
Andreas Steffen
79bbe64e17
Migrated sha1_plugin_t to INIT/METHOD macros
2010-12-04 11:26:02 +01:00
Andreas Steffen
72c436c170
Migrated sha2_plugin_t to INIT/METHOD macros
2010-12-04 10:48:42 +01:00
Andreas Steffen
4d7e8032ec
Migrated mysql plugin to INIT/METHOD macros
2010-12-04 10:38:35 +01:00
Andreas Steffen
c6fde416c4
use private destroy() function
2010-12-04 10:28:30 +01:00
Andreas Steffen
cca86ba94d
Migrated sqlite plugin to INIT/METHOD macros
2010-12-04 10:20:33 +01:00
Andreas Steffen
621f9324d9
Migrated test_vectors_plugin_t to INIT/METHOD macros
2010-12-04 10:10:37 +01:00
Andreas Steffen
36e4aa7b9e
Migrated x509_plugin_t to INIT/METHOD macros
2010-12-04 10:07:56 +01:00