2e897fe30a
Handle first exchange in IKEv1 main mode as responder
2012-03-20 17:30:41 +01:00
3a470f3035
Added limiting encoding of IKEv1 SA payloads
2012-03-20 17:30:41 +01:00
2bcd51b389
Added SA payload IKEv1 encoding types to generator
2012-03-20 17:30:41 +01:00
bce8d3be11
Don't set IKEv2 only header flags when using IKEv1
2012-03-20 17:30:41 +01:00
da8cadbd93
Set default IKE header initiator flag in IKEv2 only
2012-03-20 17:30:41 +01:00
c73c832c5a
Added an IKEv1 main mode task stub
2012-03-20 17:30:41 +01:00
4a09d9ee7f
Added a stub for a IKEv1 task manager
2012-03-20 17:30:41 +01:00
e69f7dcddf
Use task manager as generic interface, renamed implementation to _v2.
2012-03-20 17:30:41 +01:00
4ac22be0ec
Fix unaligned aliasing warning in raw socket
2012-03-20 17:30:41 +01:00
f7a8fcedc0
Use enum to define IKE version on peer_cfg_t.
...
Replaced all those magic numbers.
2012-03-20 17:30:41 +01:00
3238faf8e6
Fix init message arrival check.
2012-03-20 17:30:41 +01:00
354ac9579f
Compile error fixed.
2012-03-20 17:30:41 +01:00
7f56cf1a65
Message parsing slightly refactored, allows parsing of unencrypted IKEv1 messages.
2012-03-20 17:30:40 +01:00
4ed52db2bb
Allow creation of message_t objects for IKEv1 packets.
2012-03-20 17:30:40 +01:00
8a2d079d78
Certificate request payloads can be sent in pretty much any IKEv1 message.
2012-03-20 17:30:40 +01:00
1bf2971ff2
Implemented limited payload parsing for IKEv1 SA payloads
2012-03-20 17:30:40 +01:00
3f6d1b13a7
Added additional IKEv1 payload and encoding identifiers
2012-03-20 17:30:40 +01:00
b0b9d18593
Extend sa_payload for IKEv1 support
2012-03-20 17:30:40 +01:00
8f3aea2f77
Message rules for IKEv1 INFORMATIONAL exchange added.
...
Since INFORMATIONAL "exchanges" are actually unidirectionally sent
message we don't have any responder rules.
2012-03-20 17:30:40 +01:00
130c9a54c2
Message rules for IKEv1 AGGRESSIVE exchange added.
...
These are basically the same as for ID_PROT but no payloads are expected
to be encrypted (at least if using PSK or signatures for authentication).
2012-03-20 17:30:40 +01:00
6ba70ba8dd
Message rules for IKEv1 ID_PROT exchange added.
...
These rules are quite broad and cover main mode with at least PSK and
signature based authentication.
2012-03-20 17:30:40 +01:00
fdb8421f36
Typo fixed.
2012-03-20 17:30:40 +01:00
837298c590
Use vendor id payload for IKEv1 payloads, too
2012-03-20 17:30:39 +01:00
ecf854a00b
Added IKEv1 payload identifiers to "known" payload list
2012-03-20 17:30:39 +01:00
2fc986182f
Handle IKEv1 messages in managers checkout_by_message
2012-03-20 17:30:39 +01:00
e33b41e7b0
Added IKEv1 payload identifiers
2012-03-20 17:30:39 +01:00
867701bc6d
Accept and process IKEv1 messages in receiver
2012-03-20 17:30:39 +01:00
526b5afb45
Extended IKE header for IKEv1 support
2012-03-20 17:30:39 +01:00
ccdd3a4cee
Added configure option for the IKEv1 implementation in charon.
2012-03-20 17:30:39 +01:00
99246a4fc2
gcrypt does not support MD2
2011-11-09 06:48:55 +01:00
4182d7a58d
added dummy libsimaka_init() function needed for integrity testing
2011-11-08 21:18:48 +01:00
acb92cb44c
version bump to 4.6.1
2011-11-08 21:00:09 +01:00
e7cb8f9b37
added dummy libtls_init() function needed for integrity testing
2011-11-08 20:27:17 +01:00
856baca23e
Fixed monolithic build of libcharon with libtnccs enabled.
2011-11-08 18:35:11 +01:00
59c5f048bb
Correctly refer to tnc-tnccs plugin when building monolithically.
2011-11-08 18:35:11 +01:00
b12ad862c1
Calculate checksums for libsimaka and libtls.
...
These are currently not checked though. And because they don't define a
<libname>_init function an warning is reported when the checksum is
calculated.
2011-11-08 18:35:11 +01:00
89bad63bac
Defer calculation of checksums until installation.
...
The checksum is now calculated from the installed libraries and plugins.
This allows to calculate checksums for plugins linking to libraries like
libtls as these are relinked during installation.
2011-11-08 18:35:11 +01:00
4ad67fe7d5
Fixed formatting for longer plugin names in checksum_builder output.
2011-11-08 18:35:11 +01:00
9192f78f70
Don't link libtnccs to checksum_builder.
...
Linking is only required for libraries defining global symbols used by
plugins to which the plugins do not link themselves.
2011-11-08 18:35:11 +01:00
48e87e12ab
Revert "fixed integrity tests of plugins using libtls or libtnccs"
...
This reverts commit b597ac4a4c
2011-11-08 18:35:11 +01:00
e034cc9ca9
Revert "fixed integrity tests of plugins using libsimaka"
...
This reverts commit 8c42f16dee
2011-11-08 18:35:11 +01:00
9b6502ade8
maemo: New upstream release.
2011-11-08 18:35:11 +01:00
bc0a4f7663
assign get_features method
2011-11-07 19:15:41 +01:00
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
72a1b2e308
Allow support for CA-certificate retrieval in scepclient
...
I think somehow this functionality got lost in the way from
strongswan-2.7.0...
2011-11-04 15:13:32 +01:00
866858527d
Fix 'ipsec pool --status' for empty pools.
2011-11-04 15:07:54 +01:00
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
5fd8e53002
Some Android NEWS added.
2011-11-04 12:24:16 +01:00
2e94a02115
Don't build pluto and starter by default on Android.
2011-11-04 12:20:21 +01:00
ef4206b50e
if available link libsimaka to checksum_builder
2011-11-04 11:27:19 +01:00
Martin Willi