ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
10,018 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

10018 Commits

Author SHA1 Message Date
Tobias Brunner 2e7cc07ecd Moved host_t and host_resolver_t to a new networking subfolder 2012-10-24 15:06:18 +02:00
Martin Willi c4894cc172 Send certificate requests in load-tester 2012-10-24 13:25:45 +02:00
Martin Willi 0f3c5f8502 Add load-tester traffic selector configuration options 2012-10-24 13:25:13 +02:00
Martin Willi 1efd6c6f2a Make use of new CIDR string ts constructor where appropriate 2012-10-24 13:25:08 +02:00
Martin Willi fd6c0c8fb4 Add a traffic selector constructor creating a TS directly from a CIDR string 2012-10-24 13:25:02 +02:00
Martin Willi 8fc7bbc6ba Add NEWS about explicitly loaded pkcs11 certificates from ipsec.conf 2012-10-24 13:16:39 +02:00
Martin Willi 712e81306f PKCS#11 library search using keyid uses a fallback to look for certificates 2012-10-24 13:07:54 +02:00
Martin Willi aa51d5dd25 Increase the limit of acceptable IKEv1 CERTREQ payloads to 20 2012-10-24 13:07:53 +02:00
Martin Willi 4ce55ffb0b Use explicit, larger buffer sizes for smartcard keyids and modules 2012-10-24 13:07:53 +02:00
Martin Willi cd844e1c97 Remove obsolete pluto smartcard syntax in ipsec.secrets.5 2012-10-24 13:07:53 +02:00
Martin Willi f6d8fb3687 Updated ipsec.conf.5 regarding (CA) certificates loaded from smartcards 2012-10-24 13:07:53 +02:00
Martin Willi 434902b302 Add a strongswan.conf option to disable loading of all certificates from a pkcs11 module 2012-10-24 13:07:53 +02:00
Martin Willi 794d713dca Support loading cacert certificates in ipsec.conf ca sections from smartcard 2012-10-24 13:07:53 +02:00
Martin Willi 2abe404927 Refactored stroke smartcard token parsing, support module and slot in leftcert option 2012-10-24 13:07:53 +02:00
Martin Willi 36e47a409b Explicit pkcs11 certificate loading can enforce a module and a slot 2012-10-24 13:07:53 +02:00
Martin Willi 5d4c27d077 Be less verbose if loading PKCS#11 certificate fails 2012-10-24 13:07:53 +02:00
Martin Willi 05e266ea9d Add leftcert ipsec.conf.5 documentation about smartcard certificates 2012-10-24 13:07:53 +02:00
Martin Willi 9687cb5100 Load ipsec.conf %smartcard leftcerts with pkcs11 builder 2012-10-24 13:07:52 +02:00
Martin Willi fbd3863571 Add a builder to load specific pkcs11 certificates by keyid 2012-10-24 13:07:52 +02:00
Martin Willi ffe42fa405 If no pkcs11 public key for a private key found, search for a certificate 2012-10-24 13:07:52 +02:00
Martin Willi 44fdc62f82 Move pkcs11 public key lookup function declaration to header file 2012-10-24 13:07:52 +02:00
Martin Willi 6910e5c753 Add NEWS about proposals with PRFs different from integrity protection algorithms 2012-10-24 11:52:59 +02:00
Martin Willi 5b2e669ba2 Add ipsec.conf.5 documentation for explicit PRFs in IKE proposals 2012-10-24 11:49:37 +02:00
Martin Willi 7ee16e4b85 Only add an implicit PRF based on the MAC alg if no PRF given in proposal 2012-10-24 11:49:37 +02:00
Martin Willi 60e59b7e7f Add proposal keywords to explicitly specify PRF algorithms 2012-10-24 11:49:36 +02:00
Martin Willi 343e998927 Added NEWS about lookip plugin 2012-10-24 11:47:18 +02:00
Martin Willi a7f5eb1035 Add an interactive mode in lookip tool, demonstrate lasting connections 2012-10-24 11:43:34 +02:00
Martin Willi 9d422bb1b0 Send a lookip NOT_FOUND reply if a lookup yields no results 2012-10-24 11:43:34 +02:00
Martin Willi f6fb2b98e9 lookup function of lookip listener returns the number of matches 2012-10-24 11:43:34 +02:00
Martin Willi 31576ceddf Handle multiple lookip connections using a single FDSET 2012-10-24 11:43:34 +02:00
Martin Willi 28683ef137 Renamed list to store listening lookip clients 2012-10-24 11:43:34 +02:00
Martin Willi bae50c7393 Handle client subscriptions in lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi 7650dd9a4f Add a lookip server side UNIX socket processing LOOKUP and DUMP requests 2012-10-24 11:43:34 +02:00
Martin Willi d59e6db614 Add a simple command line utility to query the lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi 7877c463ea Defined on-the-wire format used on lookip socket 2012-10-24 11:43:34 +02:00
Martin Willi 1edaa79c06 Add a lookip function to register virtual IP notification listeners 2012-10-24 11:43:34 +02:00
Martin Willi 9c54b445e2 Add a lookup method to lookip plugin, using a callback to invoke 2012-10-24 11:43:34 +02:00
Martin Willi 2caa27d42e Add a lookip listener that collects the information we are interested in 2012-10-24 11:43:34 +02:00
Martin Willi e0d7c1eda7 Add a lookip plugin stub to lookup connections by virtual IP 2012-10-24 11:43:33 +02:00
Martin Willi a19d591388 Add NEWS about stroke counters 2012-10-24 11:39:13 +02:00
Martin Willi 3202f4a381 Add "listcounters" command to ipsec.8 manpage 2012-10-24 11:34:31 +02:00
Martin Willi 0c4b9f7cda Add a "ipsec listcounters" command to stroke 2012-10-24 11:34:31 +02:00
Martin Willi f9332e0a8b Add a print method for stroke counters 2012-10-24 11:34:31 +02:00
Martin Willi 2232d88569 Support field with specifiers in %N printf hook 2012-10-24 11:34:30 +02:00
Martin Willi fc4d1568d1 Add stroke message type counters 2012-10-24 11:34:30 +02:00
Martin Willi 5715af7508 Add stroke counters for invalid IKE messages 2012-10-24 11:34:30 +02:00
Martin Willi 81e0e10344 Add stroke CHILD_SA rekeying counter 2012-10-24 11:34:30 +02:00
Martin Willi a32a8d4a67 Add stroke IKE rekey counters 2012-10-24 11:34:30 +02:00
Martin Willi 418f4bc7a5 Raise a bus alert when IKE message body parsing fails 2012-10-24 11:34:30 +02:00
Martin Willi 2b95ab7620 Raise a bus alert when IKE message header parsing fails 2012-10-24 11:34:30 +02:00