247794827e
move SQL-based pool functionality to new attr-sql libstrongswan plugin
2009-10-13 17:02:29 +02:00
4c8bb47abd
check provenance of nameserver entry
2009-10-13 13:58:43 +02:00
27f4dd33b2
use definitions from libstrongswan/attributes/attributes.h
2009-10-13 13:55:06 +02:00
930443afff
moved attribute_manager to libstrongswan
2009-10-13 13:46:27 +02:00
a2b50c5d60
Fixed assignment of get_triplet() dummy implementation
2009-10-13 11:05:01 +02:00
cb7817a64b
scepclient now requires x509 plugin
2009-10-12 19:56:21 +02:00
3fe152f275
sql/rw-eap-aka-rsa scenario requires eapaka-3gpp2 plugin
2009-10-12 19:50:44 +02:00
63c75a98eb
updated evaltest of ikev1/no-priv-key scenario
2009-10-12 19:48:20 +02:00
88eb0a4235
INTERNAL_IP6_NETMASK needed for ModeConfig
2009-10-12 19:45:12 +02:00
073e7dc062
Merged SIM/USIM manager/card/provider, avoids code duplication
2009-10-12 14:40:21 +02:00
f7897b64f6
Added ${shlibs:Depends} dependency to Debian package
2009-10-12 14:06:51 +02:00
3690d31a2a
Added .gitignore for NM Debian package build
2009-10-12 14:06:51 +02:00
a86d534b4c
prepended all ISAKMP notification message types with ISAKMP_
2009-10-12 13:47:22 +02:00
68d23d2401
Pass NULL as other identity in EAP-AKA 3GPP2 to find a match with all plugins
2009-10-12 09:51:46 +02:00
9b2942f68d
Stroke plugin interprets NULL identities as ID_ANY in shared key lookup
2009-10-12 09:51:45 +02:00
509f70c132
added some pluto changes to NEWS
2009-10-12 08:05:48 +02:00
295e92fe36
fixed output of offered CA
2009-10-11 21:24:39 +02:00
e8e2a147db
fixed broken smartcard support (bug #91 )
2009-10-11 21:14:05 +02:00
1c75e3404d
some missing refactoring changes
2009-10-11 20:14:18 +02:00
d4acf1dd3c
myids might not be defined yet
2009-10-11 18:05:38 +02:00
0004ee1687
fixed refactoring bug
2009-10-11 16:34:04 +02:00
3197a20a87
adapted ikev2/rw-eap-aka scenarios to eapaka-3gpp2 plugin
2009-10-11 00:35:01 +02:00
9ea23c8f91
corrected ikev1/nat-two-rw evaltest.dat
2009-10-11 00:14:20 +02:00
40441ddd39
removed orphaned sha1.c
2009-10-10 22:05:59 +02:00
0da24e7d46
corrected evaltest.dat
2009-10-10 21:41:36 +02:00
17722d4489
replaced struct id by identification_t
2009-10-10 21:19:38 +02:00
55b045abb5
Added NEWS about EAP-AKA split
2009-10-09 13:31:19 +02:00
5d5e2853b6
SIM card interface takes IMSI as parameter (same as in USIM)
2009-10-09 13:02:20 +02:00
31f5280cee
Fixed USIM parameter description
2009-10-09 13:02:20 +02:00
424ddf801c
Do not use monotonic time for AKA sequence numbers, it has an undefined starting point
2009-10-09 13:02:20 +02:00
655728621b
Use constants instead of sizeof(), sizeof() does not work for function arguments
2009-10-09 13:02:20 +02:00
aba93dcc32
Calculate missing CK/IK values in USIM
2009-10-09 13:02:20 +02:00
aca7ba0ffc
Link 3gpp2 EAP-AKA plugin to libgmp
2009-10-09 13:02:20 +02:00
53a16b72ab
Separated 3gpp2 USIM card and provider functionality
2009-10-09 13:02:20 +02:00
0030880c6b
Ported AKA functions to 3gpp2 plugin
2009-10-09 13:02:19 +02:00
4720815774
Added a stub for the EAP-AKA backend implementing the 3GPP2 functions in software
2009-10-09 13:02:19 +02:00
36a3bccfcf
Implemented a manager for USIM cards/providers very similar to the SIM manager
2009-10-09 13:02:19 +02:00
c6b2b2aae2
corrected caption
2009-10-09 00:16:33 +02:00
4b4f8bd732
created identification_create_from_sockaddr() function
2009-10-09 00:13:28 +02:00
a4eb37eed0
Added medsrv.fcgi to gitignore
2009-10-08 13:10:02 +02:00
5026519057
medsrv.fcgi is not part of the git tree
2009-10-08 13:05:27 +02:00
878fc472e9
hex_str() isn't used externally any more
2009-10-08 13:04:07 +02:00
e64b4e96c9
parsing of generalNames is not needed any more
2009-10-08 12:42:29 +02:00
88212ee6e7
use of asn1_build_known_oid()
2009-10-08 12:35:36 +02:00
0354d5703d
migrated public key IDs to identification_t
2009-10-08 11:25:43 +02:00
4b1cd5a367
Reenabled acq_expires SA timer using rekey timeout
...
While not using a SA expiration for allocating SPIs works fine,
the situation is much more problematic for kernel-created temporary
SAs from acquires. If the negotiation of such a CHILD_SA fails,
the created temporary SA can not be deleted.
2009-10-07 13:09:59 +02:00
991f7ccd6c
Catch CHILD_SA state changes during acquire
...
If an acquire fails due to a TS_UNACCEPTABLE or other CHILD_SA only errors,
we have to reset the pending state in the trap manager.
2009-10-07 13:09:59 +02:00
84e390fdc4
list subjectAltNames
2009-10-06 23:50:26 +02:00
20afe5e9f5
some ipsec listall finetuning
2009-10-06 23:19:46 +02:00
ce2f2461e0
pluto and charon now have the same ipsec listall output format
2009-10-06 16:49:46 +02:00
Andreas Steffen