Commit Graph

283 Commits

Author SHA1 Message Date
Andreas Steffen 1342bd3386 unit-tests: Created newhope unit-tests 2016-08-10 14:22:00 +02:00
Andreas Steffen 393688aea0 Created newhope plugin implementing the New Hope key exchange algorithm 2016-08-10 14:22:00 +02:00
Andreas Steffen d305f251a5 Created libnttfft
This makes Number Theoretic Transforms (NTT) based on the efficient
Fast-Fourier-Transform (FFT) available to multiple plugins.
2016-07-29 12:36:15 +02:00
Andreas Steffen 0274163674 libtpmtss: Use pkconfig to configure TSS 2.0 includes and libraries 2016-07-20 11:26:07 +02:00
Andreas Steffen 74de8c3727 Version bump to 5.5.0 2016-07-13 13:26:16 +02:00
Andreas Steffen 8fafbffdb7 Version bump to 5.5.0rc1 2016-06-30 16:28:28 +02:00
Tobias Brunner aaa37f590d configure: Enable respective TSS if aikgen/-pub2 are enabled 2016-06-28 11:30:20 +02:00
Andreas Steffen 6a24637dcb Version bump to 5.5.0dr1 2016-06-26 20:11:30 +02:00
Andreas Steffen 30d4989aec libimcv: migrate pts to tpm_tss 2016-06-22 15:33:44 +02:00
Andreas Steffen c08753bdf4 Created libtpmtss library handling access to v1.2 and v2.0 TPMs 2016-06-22 15:33:43 +02:00
Andreas Steffen 87d356dc47 aikpub2: Convert TSS 2.0 AIK public key blob into PKCS#1 format 2016-06-22 15:33:43 +02:00
Tobias Brunner a35ee9f402 Revert "configure: Cache result of pthread_condattr_setclock() check"
This reverts commit 8d79bfa831 as it does
not provide any advantage over setting ac_cv_func_pthread_condattr_setclock=no.

References #1502.
2016-06-17 15:04:17 +02:00
Tobias Brunner 8d79bfa831 configure: Cache result of pthread_condattr_setclock() check
Even if not using caching when running the configure script (-C) this
allows pre-defining the result by setting the environment variable
ss_cv_func_pthread_condattr_setclock_monotonic=yes|no|unknown
before/while running the script.

As the check requires running a test program this might be helpful
when cross-compiling to disable using monotonic time if
pthread_condattr_setclock() is defined but not actually usable with
CLOCK_MONOTONIC.

References #1502.
2016-06-17 11:36:48 +02:00
Tobias Brunner e827e78483 configure: Fix typo in pthread_condattr_setclock() check 2016-06-17 11:36:46 +02:00
Martin Willi 518a5b2ece configure: Check for and explicitly link against -latomic
Some C libraries, such as uClibc, require an explicit link for some atomic
functions. Check for any libatomic, and explicitly link it.
2016-06-14 14:27:20 +02:00
Martin Willi 989db1bf2f configure: Check for a potential -lpthread by using -ldl
Some pthread library variants depend on libdl, hence we must pass such a
library to successfully build against libpthread.
2016-05-18 14:46:20 +02:00
Andreas Steffen 1aeaccad11 Version bump to 5.4.1dr4 2016-05-13 12:49:52 +02:00
Tobias Brunner 5d5ecd8e72 vici: Replace dr with dev in version numbers for the Python egg
The versioning scheme used by Python (PEP 440) supports the rcN suffix
but development releases have to be named devN, not drN, which are
not supported and considered legacy versions.
2016-05-10 12:16:13 +02:00
Andreas Steffen 26aa9c638d Version bump to 5.4.1dr3 2016-05-08 09:06:16 +02:00
Andreas Steffen ab1cebda3a Version bump to 5.4.1dr2 2016-05-06 22:29:32 +02:00
Tobias Brunner e8c73c1cf0 configure: Replace two remaining usages of AC_HAVE_LIBRARY with AC_CHECK_LIB 2016-04-15 10:31:19 +02:00
Andreas Steffen c407f163e6 Version bump to 5.4.1dr1 2016-04-11 10:24:12 +02:00
Andreas Steffen 7a117eeaec Version bump to 5.4.0 2016-03-22 11:20:36 +01:00
Tobias Brunner 12ac5fac1a p-cscf: Add plugin stub 2016-03-10 11:57:38 +01:00
Andreas Steffen 724f590711 Version bump to 5.4.0rc1 2016-03-05 18:18:12 +01:00
Andreas Steffen fe1f915b07 Version bump to 5.4.0dr8 2016-03-04 20:55:55 +01:00
Thomas Egerer 8ea4cb3e5d thread: Allow thread ID to be value returned by gettid()
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-03-04 09:12:11 +01:00
Tobias Brunner 28649f6d91 libhydra: Remove empty unused library 2016-03-03 17:36:11 +01:00
Tobias Brunner dec9e1957f libhydra: Move all kernel plugins to libcharon 2016-03-03 17:36:11 +01:00
Andreas Steffen 794cfbad71 Version bump to 5.4.0dr7 2016-02-28 15:56:06 +01:00
Andreas Steffen fc0f8466db Version bump to 5.4.0dr6 2016-02-16 18:17:44 +01:00
Andreas Steffen 927f733159 Version bump to 5.4.0dr5 2016-01-28 09:41:05 +01:00
Andreas Steffen 9492e12e61 Version bump to 5.4.0dr4 2016-01-10 01:39:08 +01:00
Andreas Steffen 1990eeebfe Version bump to 5.4.0dr3 2016-01-03 06:28:49 +01:00
Chris Patterson b15f987ddd configure: Support systemd >= 209
libsystemd-journal and libsystemd-daemon are now just
part of libsystemd.

Keep original systemd checks as a fallback.

Updates charon-systemd/Makefile.am accordingly.

Tested on:
- debian wheezy (systemd v44)
- ubuntu 15.10 (systemd v255).

Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>

Closes strongswan/strongswan#24.
2015-12-21 11:53:31 +01:00
Andreas Steffen 6943db5679 Version bump to 5.4.0dr2 2015-12-18 15:25:50 +01:00
Andreas Steffen 2d9c68b8a8 configure: Enable vici plugin and swanctl by default 2015-12-17 17:49:48 +01:00
Tobias Brunner 020d8c8f26 configure: Fix typo when enabling CPAN modules as dependency
Fixes: a17b6d469c ("Built the CPAN file structure for the Vici::Session perl module")
2015-12-14 11:49:51 +01:00
Andreas Steffen 5e2b740a00 128 bit default security strength requires 3072 bit prime DH group 2015-12-14 10:39:40 +01:00
Martin Willi 2b39da2634 configure: Link against potential -ldl when checking for OpenSSL libcrypto 2015-12-04 08:02:03 +01:00
Andreas Steffen fc235f90fe Version bump to 5.4.0dr1 2015-12-01 15:06:23 +01:00
Andreas Steffen a17b6d469c Built the CPAN file structure for the Vici::Session perl module 2015-12-01 14:52:43 +01:00
Andreas Steffen a101bce862 Implement vici Perl binding 2015-12-01 14:52:43 +01:00
Andreas Steffen 66021f7263 Version bump to 5.3.5 2015-11-26 09:56:10 +01:00
Andreas Steffen 8e9adf3d09 Version bump to 5.4.0dr1 2015-11-16 16:36:50 +01:00
Andreas Steffen 722714bdfe Version bump to 5.3.4 2015-11-16 13:22:25 +01:00
Tobias Brunner ef4279f2e5 utils: Provide a fallback for sigwaitinfo() if needed
Apparently, not available on Mac OS X 10.10 Yosemite. We don't provide
this on Windows.
2015-11-13 18:24:45 +01:00
Andreas Steffen bec682e1da Version bump to 5.3.4rc1 2015-11-13 12:18:28 +01:00
Andreas Steffen 0748517582 Version bump to 5.3.4dr3 2015-11-10 16:54:38 +01:00
Tobias Brunner 32ebb56c5b configure: Load sha1 and random plugins in manager by default
If the openssl plugin is not enabled we need these to generate session
IDs and to authenticate the users.

The md4 plugin is not needed in the manager.

Fixes #1168.
2015-11-09 11:03:47 +01:00
Andreas Steffen f1f7134ecb Version bump to 5.3.4dr2 2015-11-06 16:07:04 +01:00
Andreas Steffen 6590298dad Version bump to 5.3.4dr1 2015-11-04 19:42:17 +01:00
Andreas Steffen a488584b5f Implemented SHA-3 hash algorithm including test vectors 2015-11-03 21:35:09 +01:00
Andreas Steffen a215008c11 Version bump to 5.3.3 2015-09-06 15:05:36 +02:00
Andreas Steffen 01604016f7 Version bump to 5.3.3rc2 2015-09-01 13:16:43 +02:00
Andreas Steffen 5de8703ee0 Version bump to 5.3.3rc1 2015-08-25 15:10:13 +02:00
Andreas Steffen 46686372c6 Version bump to 5.3.3dr6 2015-08-19 07:18:30 +02:00
Andreas Steffen b48ffcb1b3 Implemented HCD IMC and IMV 2015-08-18 21:25:38 +02:00
Tobias Brunner 6ef4668626 pki: Add --dn command to extract the subject DN of a certificate 2015-08-17 11:34:01 +02:00
Tobias Brunner 6d9cd1d66b utils: Check for dirfd(3)
Not all POSIX compatible systems might provide it yet.  If not, we close
the lowest FD to close and hope it gets reused by opendir().
2015-08-17 11:19:48 +02:00
Tobias Brunner f25f4192c7 utils: Directly use syscall() to close open FDs in closefrom()
This avoids any allocations, since calling malloc() after fork() is
potentially unsafe.

Fixes #990.
2015-08-17 11:19:44 +02:00
Andreas Steffen cdd7d2b197 Version bump to 5.3.3dr5 2015-08-16 09:04:42 +02:00
Andreas Steffen 16c4dd8f26 Version bump to 5.3.3dr4 2015-08-10 07:48:14 +02:00
Tobias Brunner 3103c68210 configure: Explicitly disable unused parameter warnings in qsort_r test
When compiling with -Wextra (and without disabling these warnings
globally) the tests would otherwise fail due to the unused arguments in
the cmp() functions.

Fixes #1053.
2015-08-04 19:08:30 +02:00
Andreas Steffen e0d3a2a873 Version bump to 5.3.3dr3 2015-07-31 17:47:14 +02:00
Andreas Steffen 41458e3362 Version bump to 5.3.3dr2 2015-07-28 14:28:58 +02:00
Andreas Steffen 41aa7eb531 Version bump to 5.3.3dr1 2015-07-21 23:15:36 +02:00
Martin Willi 29e3544f1f libipsec: Add a unit-test test runner 2015-07-12 13:54:08 +02:00
Martin Willi 42459b41f0 configure: Check if building against an x86/x64 architecture
This allows us to include compiler flags specific for them, such as MMX/SSE.
2015-06-29 17:32:14 +02:00
Martin Willi 370fb3feb0 chapoly: Provide a generic ChaCha20/Poly1305 AEAD supporting driver backends 2015-06-29 17:32:14 +02:00
Andreas Steffen 3ea5d437fb Version bump to 5.3.2 2015-06-08 09:56:34 +02:00
Andreas Steffen f284c17890 Version bump to 5.3.1 2015-06-01 09:50:48 +02:00
Andreas Steffen d6b75c9563 List attribute request entries also during build 2015-05-24 09:17:29 +02:00
Tobias Brunner f16f792e17 vici: Make installation of Ruby Gem and Python Egg optional
Installing them might not work well when building distro packages (e.g.
with DESTDIR installs).  It might be easier to install them later with a
script in the distro package.

When building from source on the local system it could still be useful to
install the packages directly, which can be enabled with separate configure
options.

The main problem with DESTDIR installations of the Python Egg is that
easy_install creates or modifies a file called easy-install.pth in the
installation directory.  So it's not actually possible to simply copy
the results in DESTDIR over to the actual system as that file would have
to be merged with any existing one.

Fixes #914.
2015-05-21 17:22:01 +02:00
Andreas Steffen 17a2e00a31 Version bump to 5.3.1dr1 2015-04-24 11:35:42 +02:00
Martin Willi 78c04b5d4d aesni: Provide a plugin stub for AES-NI instruction based crypto primitives 2015-04-15 11:35:26 +02:00
Martin Willi 036c7b63c0 configure: Check for __int128 type support 2015-04-14 12:03:40 +02:00
Andreas Steffen ef5f96366e Version bump to 5.3.0 2015-03-27 20:56:44 +01:00
Andreas Steffen cf9befcba4 Version bump to 5.3.0rc1 2015-03-23 23:15:31 +01:00
Martin Willi 07302b2f7c configure: Check optional py.test availability when building with python eggs 2015-03-18 13:59:15 +01:00
Martin Willi 2c8c52c4e2 vici: Include python package in distribution 2015-03-18 13:59:14 +01:00
Martin Willi 374b3db191 configure: Add --enable-python-eggs and --with-pythoneggdir options
Detect easy_install for Python egg installation to install any egg we provide
in strongSwan.
2015-03-18 13:59:13 +01:00
Andreas Steffen afc1b67344 Version bump to 5.3.0dr2 2015-03-16 17:15:58 +01:00
Tobias Brunner 1735d80f38 files: Add simple plugin to load files from file:// URIs 2015-03-09 16:08:52 +01:00
Tobias Brunner 4e92441d0c Remove obsolete _updown_espmark script
According to NEWS it was created to support kernels < 2.6.16.
2015-03-06 16:51:50 +01:00
Andreas Steffen c6595222d6 Version bump to 5.3.0dr1 2015-02-26 09:12:54 +01:00
Tobias Brunner 89b60e9fd7 configure: Use pkg-config to detect libiptc used by connmark/forecast
This ensures the library is available.  On Debian/Ubuntu it is a dynamic
library provided by the iptables-dev package.
2015-02-23 12:35:28 +01:00
Martin Willi e5ad2e6614 forecast: Add the broadcast/multicast forwarding plugin called forecast 2015-02-20 16:34:55 +01:00
Martin Willi 8c2290dcf9 connmark: Add a plugin stub 2015-02-20 15:33:59 +01:00
Martin Willi 124490a8e0 unit-tester: Drop the old unit-tester libcharon plugin
While it has some tests that we don't directly cover with the new unit tests,
most of them require special infrastructure and therefore have not been used
for a long time.
2015-02-20 13:34:55 +01:00
Martin Willi 1f29cd2c5d libcharon: Add a test runner 2015-02-20 13:34:55 +01:00
Martin Willi 82e4b83378 attr-sql: Move plugin to libcharon 2015-02-20 13:34:55 +01:00
Martin Willi c6c7f97a1d attr: Move plugin to libcharon 2015-02-20 13:34:54 +01:00
Martin Willi 6bfd1fbb71 resolve: Move plugin back to libcharon
Since pluto is gone, all existing users build upon libcharon.
2015-02-20 13:34:54 +01:00
Tobias Brunner 482810141c configure: Load SQL backends after crypto plugins
If the MySQL client library is linked against OpenSSL the mysql plugin
will cause a segmentation fault when it is unloaded after the openssl
plugin has already been deinitialized.  This is very similar to the issues
with curl (see 44b6a34d43).

Fixes #814.
2015-02-10 16:08:09 +01:00
Andreas Steffen e9878d72db Version bump to 5.2.2 2014-12-23 15:40:02 +01:00
Tobias Brunner 374b569ed0 pki: Add simple PKCS#12 display command 2014-12-12 13:11:29 +01:00
Tobias Brunner a23d3073e3 pki: Load hmac plugin which is required to decrypt PKCS#12 containers 2014-12-12 13:11:29 +01:00
Andreas Steffen dce6f69546 Version bump to 5.2.2rc1 2014-12-12 12:00:20 +01:00
Tobias Brunner 700df23886 bliss: Fix monolithic build
This requires moving test files so that the Makefile for the tests can be
included after building libstrongswan, which requires the plugin when
building monolithically.  Due to this a static helper library is required
as directly referring to object files (or source files) is not possible.

It's also necessary to avoid any link-time dependency on libstrongswan in
bliss_huffman, to avoid circular dependencies (bliss_huffman -> libstrongswan
-> bliss -> bliss_huffman).
2014-12-12 12:00:20 +01:00