Martin Willi
2e897fe30a
Handle first exchange in IKEv1 main mode as responder
2012-03-20 17:30:41 +01:00
Martin Willi
3a470f3035
Added limiting encoding of IKEv1 SA payloads
2012-03-20 17:30:41 +01:00
Martin Willi
2bcd51b389
Added SA payload IKEv1 encoding types to generator
2012-03-20 17:30:41 +01:00
Martin Willi
bce8d3be11
Don't set IKEv2 only header flags when using IKEv1
2012-03-20 17:30:41 +01:00
Martin Willi
da8cadbd93
Set default IKE header initiator flag in IKEv2 only
2012-03-20 17:30:41 +01:00
Martin Willi
c73c832c5a
Added an IKEv1 main mode task stub
2012-03-20 17:30:41 +01:00
Martin Willi
4a09d9ee7f
Added a stub for a IKEv1 task manager
2012-03-20 17:30:41 +01:00
Martin Willi
e69f7dcddf
Use task manager as generic interface, renamed implementation to _v2.
2012-03-20 17:30:41 +01:00
Martin Willi
4ac22be0ec
Fix unaligned aliasing warning in raw socket
2012-03-20 17:30:41 +01:00
Tobias Brunner
f7a8fcedc0
Use enum to define IKE version on peer_cfg_t.
...
Replaced all those magic numbers.
2012-03-20 17:30:41 +01:00
Tobias Brunner
3238faf8e6
Fix init message arrival check.
2012-03-20 17:30:41 +01:00
Tobias Brunner
354ac9579f
Compile error fixed.
2012-03-20 17:30:41 +01:00
Tobias Brunner
7f56cf1a65
Message parsing slightly refactored, allows parsing of unencrypted IKEv1 messages.
2012-03-20 17:30:40 +01:00
Tobias Brunner
4ed52db2bb
Allow creation of message_t objects for IKEv1 packets.
2012-03-20 17:30:40 +01:00
Tobias Brunner
8a2d079d78
Certificate request payloads can be sent in pretty much any IKEv1 message.
2012-03-20 17:30:40 +01:00
Martin Willi
1bf2971ff2
Implemented limited payload parsing for IKEv1 SA payloads
2012-03-20 17:30:40 +01:00
Martin Willi
3f6d1b13a7
Added additional IKEv1 payload and encoding identifiers
2012-03-20 17:30:40 +01:00
Martin Willi
b0b9d18593
Extend sa_payload for IKEv1 support
2012-03-20 17:30:40 +01:00
Tobias Brunner
8f3aea2f77
Message rules for IKEv1 INFORMATIONAL exchange added.
...
Since INFORMATIONAL "exchanges" are actually unidirectionally sent
message we don't have any responder rules.
2012-03-20 17:30:40 +01:00
Tobias Brunner
130c9a54c2
Message rules for IKEv1 AGGRESSIVE exchange added.
...
These are basically the same as for ID_PROT but no payloads are expected
to be encrypted (at least if using PSK or signatures for authentication).
2012-03-20 17:30:40 +01:00
Tobias Brunner
6ba70ba8dd
Message rules for IKEv1 ID_PROT exchange added.
...
These rules are quite broad and cover main mode with at least PSK and
signature based authentication.
2012-03-20 17:30:40 +01:00
Tobias Brunner
fdb8421f36
Typo fixed.
2012-03-20 17:30:40 +01:00
Martin Willi
837298c590
Use vendor id payload for IKEv1 payloads, too
2012-03-20 17:30:39 +01:00
Martin Willi
ecf854a00b
Added IKEv1 payload identifiers to "known" payload list
2012-03-20 17:30:39 +01:00
Martin Willi
2fc986182f
Handle IKEv1 messages in managers checkout_by_message
2012-03-20 17:30:39 +01:00
Martin Willi
e33b41e7b0
Added IKEv1 payload identifiers
2012-03-20 17:30:39 +01:00
Martin Willi
867701bc6d
Accept and process IKEv1 messages in receiver
2012-03-20 17:30:39 +01:00
Martin Willi
526b5afb45
Extended IKE header for IKEv1 support
2012-03-20 17:30:39 +01:00
Tobias Brunner
ccdd3a4cee
Added configure option for the IKEv1 implementation in charon.
2012-03-20 17:30:39 +01:00
Andreas Steffen
99246a4fc2
gcrypt does not support MD2
2011-11-09 06:48:55 +01:00
Andreas Steffen
4182d7a58d
added dummy libsimaka_init() function needed for integrity testing
2011-11-08 21:18:48 +01:00
Andreas Steffen
acb92cb44c
version bump to 4.6.1
2011-11-08 21:00:09 +01:00
Andreas Steffen
e7cb8f9b37
added dummy libtls_init() function needed for integrity testing
2011-11-08 20:27:17 +01:00
Tobias Brunner
856baca23e
Fixed monolithic build of libcharon with libtnccs enabled.
2011-11-08 18:35:11 +01:00
Tobias Brunner
59c5f048bb
Correctly refer to tnc-tnccs plugin when building monolithically.
2011-11-08 18:35:11 +01:00
Tobias Brunner
b12ad862c1
Calculate checksums for libsimaka and libtls.
...
These are currently not checked though. And because they don't define a
<libname>_init function an warning is reported when the checksum is
calculated.
2011-11-08 18:35:11 +01:00
Tobias Brunner
89bad63bac
Defer calculation of checksums until installation.
...
The checksum is now calculated from the installed libraries and plugins.
This allows to calculate checksums for plugins linking to libraries like
libtls as these are relinked during installation.
2011-11-08 18:35:11 +01:00
Tobias Brunner
4ad67fe7d5
Fixed formatting for longer plugin names in checksum_builder output.
2011-11-08 18:35:11 +01:00
Tobias Brunner
9192f78f70
Don't link libtnccs to checksum_builder.
...
Linking is only required for libraries defining global symbols used by
plugins to which the plugins do not link themselves.
2011-11-08 18:35:11 +01:00
Tobias Brunner
48e87e12ab
Revert "fixed integrity tests of plugins using libtls or libtnccs"
...
This reverts commit b597ac4a4c
(not
completely).
2011-11-08 18:35:11 +01:00
Tobias Brunner
e034cc9ca9
Revert "fixed integrity tests of plugins using libsimaka"
...
This reverts commit 8c42f16dee
.
Conflicts:
src/charon/Makefile.am
2011-11-08 18:35:11 +01:00
Tobias Brunner
9b6502ade8
maemo: New upstream release.
2011-11-08 18:35:11 +01:00
Andreas Steffen
bc0a4f7663
assign get_features method
2011-11-07 19:15:41 +01:00
Andreas Steffen
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
Thomas Egerer
72a1b2e308
Allow support for CA-certificate retrieval in scepclient
...
I think somehow this functionality got lost in the way from
strongswan-2.7.0...
2011-11-04 15:13:32 +01:00
Tobias Brunner
866858527d
Fix 'ipsec pool --status' for empty pools.
2011-11-04 15:07:54 +01:00
Tobias Brunner
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
Tobias Brunner
5fd8e53002
Some Android NEWS added.
2011-11-04 12:24:16 +01:00
Tobias Brunner
2e94a02115
Don't build pluto and starter by default on Android.
2011-11-04 12:20:21 +01:00
Andreas Steffen
ef4206b50e
if available link libsimaka to checksum_builder
2011-11-04 11:27:19 +01:00