Martin Willi
432b298e40
documentation fixes and updates
2007-06-11 12:11:41 +00:00
Martin Willi
9fe1a1ca76
introduced callback_job:
...
simple asynchronous method invocation
use daemons thread pool for all threads
proper cancellation and cleanups
cancellation mechanism to dynamically unload multithreaded code
unified event_queue and scheduler => scheduler
unified job_queue and thread_pool => processor
removed job_type_t, not really needed
fixes here, there and everywhere
2007-06-11 10:57:19 +00:00
Martin Willi
9cc7a29786
disabling leak detective at runtime by setting LEAK_DETECTIVE_DISABLE env var
2007-06-08 07:21:03 +00:00
Andreas Steffen
7a1f49c314
do not delete existing routes with NETKEY
2007-06-08 07:01:17 +00:00
Andreas Steffen
ef01451916
insert route only in case of sourceip
2007-06-06 13:30:27 +00:00
Andreas Steffen
9bac1d6640
do not print nexthop in ipsec status[all]
2007-06-06 13:16:48 +00:00
Martin Willi
8e481be97a
included patch from Rene Mayrhofer to respect DESTDIR in make install
2007-06-06 05:55:18 +00:00
Andreas Steffen
d0a6ed9a3c
version bump to 4.1.4
2007-05-26 19:07:39 +00:00
Andreas Steffen
ad8c6c60dc
moved assignment of CERT_UNKNOWN
2007-05-25 14:04:39 +00:00
Andreas Steffen
3f9834a491
log trust pathlen
2007-05-25 11:41:06 +00:00
Andreas Steffen
89eeedc243
included a certificate label in the is_trusted() method
2007-05-25 11:10:35 +00:00
Andreas Steffen
f44dbc639b
DBG1 level now shows stepping up through the certifiate hierarchy up to the trust anchor
2007-05-25 08:29:35 +00:00
Andreas Steffen
13b872ebd2
set certinfo status to CERT_UNKNOWN before crl and|or ocsp verification
2007-05-25 08:21:27 +00:00
Andreas Steffen
f2566a3bac
x509_t* argument in get_issuer() method is not constant any more because a short cut to the ca might be set
2007-05-25 08:17:29 +00:00
Andreas Steffen
64bf6e564b
added parsing of charging and group attributes
2007-05-25 07:26:33 +00:00
Andreas Steffen
babb69109f
version bump to 4.1.3
2007-05-25 07:25:38 +00:00
Martin Willi
532137e70f
fixed man page
2007-05-25 07:19:49 +00:00
Martin Willi
8e79d8d3de
updated man-page for left/rightsourceip
2007-05-25 07:15:18 +00:00
Martin Willi
1f2a0f8098
removed paranoid module checking
2007-05-25 05:45:41 +00:00
Martin Willi
1fa9bdc4fb
added compatibility names (pluto) for sha2 algorithms (sha2_256, ...)
2007-05-25 05:44:53 +00:00
Andreas Steffen
8c06e9c0ed
added #define LDAP_DEPRECATED in order to use old ldap_init() function
2007-05-24 12:09:48 +00:00
Andreas Steffen
3e4eac0b63
removed unneeded libdes files speed.c and des_opts.c
2007-05-24 12:08:44 +00:00
Andreas Steffen
02ee40ad6a
defined ietfAttr_t type and its destroy function
2007-05-23 19:43:24 +00:00
Andreas Steffen
8fbac48e26
removed old FreeS/WAN cvs revision entries
2007-05-23 19:27:48 +00:00
Andreas Steffen
2911f4ee37
added #include <linux/types.h> required by 2.6.21 linux headers
2007-05-23 19:27:02 +00:00
Martin Willi
76042f8471
proper thread cancellation when using the charon->interfaces
2007-05-23 09:08:13 +00:00
Martin Willi
0f6b068259
fixed crash when using 0.0.0.0/0 subnets
2007-05-23 06:33:22 +00:00
Martin Willi
b1450b48a0
removed misleading warning when rekeying
2007-05-23 06:32:41 +00:00
Martin Willi
16878f6823
support for virtual IP definition on client side:
...
if leftsourceip is defined, it is requested.
server may define rightsourceip=%config to accept any,
or it may overwrite it using rightsourceip.
if server does not return an IP, client enforces its configured leftsourceip.
2007-05-22 13:49:31 +00:00
Martin Willi
a06c068191
fixed memleak
2007-05-22 09:38:42 +00:00
Martin Willi
905438735a
using local address as gateway in installed routes
2007-05-22 07:47:16 +00:00
Andreas Steffen
3eb9630071
support of left|rightgroups parameter
2007-05-20 15:38:36 +00:00
Andreas Steffen
3388e7674d
fixed nextUpdate and until behaviour in the non-strict case
2007-05-19 19:46:13 +00:00
Andreas Steffen
6e04f25313
support of CA-based ipsec policies
2007-05-18 12:25:37 +00:00
Andreas Steffen
89665b3866
add is_ca() method
2007-05-18 10:16:10 +00:00
Andreas Steffen
27432db603
added set_ca_info() and get_ca_info() methods
2007-05-18 10:15:23 +00:00
Andreas Steffen
889c2ded1c
output of eap_type_names requires %N format
2007-05-18 10:14:01 +00:00
Andreas Steffen
ec3c02a303
added set_other_ca() and get_other_ca()
2007-05-17 17:55:29 +00:00
Andreas Steffen
7d26a0ee03
added set_other_ca() and get_other_ca()
2007-05-17 17:55:02 +00:00
Andreas Steffen
13de65882b
export MAX_CA_PATH_LEN
2007-05-17 17:19:09 +00:00
Andreas Steffen
45156cc791
check self-signedness of certificate at creation time
2007-05-17 17:18:38 +00:00
Martin Willi
bcd887781a
removed route_job, handled all in interface_manager
2007-05-16 08:49:10 +00:00
Martin Willi
ce27ac8012
routing/unrouting through interface
2007-05-16 08:32:15 +00:00
Andreas Steffen
9b6591e796
authentication failure is handled in ike_auth.c
2007-05-15 19:05:26 +00:00
Andreas Steffen
16c72c0c4f
cosmetics
2007-05-15 19:04:15 +00:00
Andreas Steffen
8a664830d0
cosmetics
2007-05-15 19:03:23 +00:00
Andreas Steffen
df9fbd2c64
adapted authentication failure text to those in the authenticators
2007-05-15 14:52:44 +00:00
Andreas Steffen
ca78602304
verification of locally loaded peer certificates
2007-05-15 14:51:04 +00:00
Andreas Steffen
2e324229c0
support of multiple certificates with same peer id
2007-05-15 12:46:05 +00:00
Andreas Steffen
b17e0db372
cosmetics
2007-05-15 12:45:19 +00:00