0406ed7a16
Fixed a crash in source address lookup
2009-09-23 11:18:30 +02:00
a7f79ee9c1
Define ME for all charon plugins
2009-09-23 11:13:27 +02:00
e20b792108
Correctly handle --enable-mediation option
2009-09-23 10:50:00 +02:00
677322b1bf
enforce coding rules
2009-09-22 21:50:28 +02:00
b62ce860c1
enforce coding rules
2009-09-22 20:55:10 +02:00
b88bbe8aa1
set XFRM_STATE_AF_UNSPEC flag
2009-09-22 20:55:10 +02:00
b262680175
Emit a ALERT_SHUTDOWN_SIGNAL before shutting down the daemon
2009-09-22 17:00:00 +02:00
a28334720c
adding additional flags to loaded X.509 certificates
2009-09-22 12:55:25 +02:00
b80fa9ca38
readying NEWS for the strongswan-4.3.5dr2 release
2009-09-22 12:44:58 +02:00
4b15ee8cd9
shortened file loading debug output
2009-09-22 12:33:13 +02:00
1271983ab9
computed hash-and-url for new certificates
2009-09-22 12:05:37 +02:00
f1092e20f4
Fixed encoding of hash-and-url cert payload
2009-09-22 10:07:04 +02:00
cb64b21217
Do not assign SIM version to a volatile buffer on stack
2009-09-22 09:11:35 +02:00
91cb348cc2
CA certificates are looked up using the subjectPublicKeyInfo keyid
2009-09-21 18:13:25 +02:00
c84b139a87
Credential backends use has_fingerprint() methods to select keys/certificates
2009-09-21 17:03:00 +02:00
640ed4d5a5
Public/Private keys implement a has_fingerprint() method
2009-09-21 16:47:25 +02:00
fde7f5abf8
Correctly serve certificates if CERT_ANY requested
2009-09-21 15:34:29 +02:00
c6a8990bc5
Enforce a local address of the same family as remote address
2009-09-21 15:30:40 +02:00
c331bce51d
Return certificates of requested kind only
2009-09-21 14:43:57 +02:00
8153be823b
plugin has been renamed to resolve
2009-09-20 22:03:23 +02:00
399ce164ad
delete resolv_conf_* files
2009-09-20 21:59:36 +02:00
af784261f5
all arguments must be read
2009-09-20 21:56:22 +02:00
4819ec6a71
resolv_conf plugin renamed to resolve
2009-09-20 19:06:58 +02:00
03f096df7e
adapt evaltest.dat to changed debug output
2009-09-20 17:23:24 +02:00
d7f2ffcf11
renewed certs in dynamic-initiator/dynamic-responder scenarios
2009-09-19 08:18:42 +02:00
6aa8d2c8bb
use new certificates
2009-09-19 00:26:55 +02:00
05a6a77d85
eliminated double library_deinit()
2009-09-19 00:00:56 +02:00
309b8b3956
keyids of renewed keys
2009-09-18 21:44:57 +02:00
afcd0b9787
updated to renewed certs in SQL database
2009-09-18 21:22:37 +02:00
bdfe17c79b
renewal of end entity certificates
2009-09-18 21:17:03 +02:00
ddbb34093f
fixed --enable-eap-md5 and --enable-eap-gtc options
2009-09-18 18:23:26 +02:00
d78a0262d1
backwards compatibility with SQL format
2009-09-18 15:48:24 +02:00
c7a64d6f41
Use helper functions to handle (non-)skippable attributes
2009-09-18 15:08:43 +02:00
e466139c91
Clients can handle AKA-Identity requests by sending the full identity
2009-09-18 14:51:35 +02:00
85af7a89c6
nm uses the distributions trusted root CAs if none is explicitly specified
2009-09-18 14:34:27 +02:00
d245f5cf33
some reformulations
2009-09-17 22:21:14 +02:00
7aa495d9d0
get_private() in listcacerts requires a valid auth cfg
2009-09-17 12:47:03 +02:00
4a03e85b37
Fixed nexthop lookup, used by source route installation
2009-09-16 13:55:32 +02:00
36b7ba5ee3
Use continue to advance to next iteration
2009-09-16 13:32:47 +02:00
075448fbc8
Complain about missing %defaultroute support only if one is actually used
2009-09-16 13:27:49 +02:00
b538b606da
Use the default debug hook if possible
2009-09-16 13:16:00 +02:00
5289249449
Default logger implementation can be modified by dbg_default_set_level/stream
2009-09-16 13:06:16 +02:00
a474081f1f
Removed obsolete per-command debug level option
2009-09-16 12:52:56 +02:00
4e1cade52f
Fixed loading of DER encoded certificate files
2009-09-16 11:24:35 +02:00
934942dddb
corrected usage
2009-09-15 22:43:22 +02:00
c657492705
pki --req generates a PKCS#10 certificate request
2009-09-15 22:33:32 +02:00
edf30136b0
implemented ASN.1 encoding of PKCS#10 attributes
2009-09-15 21:55:44 +02:00
8101695b32
fixed typo
2009-09-15 16:48:13 +02:00
88fdf88a1f
Disable rtnetlink defaultroute lookup if pluto is disabled
...
As we do not support Pluto on BSD/Mac, exclude the Linux specific
rtnetlink routing lookup; Charon doesn't require it anyway.
2009-09-15 13:16:39 +02:00
aa5d446939
Get starter default route via rtnetlink
...
This patch changes the way routes are fetched from the kernel by starter.
The way it's currently done (via /proc) is limited to routes in the
"main" routing table. Routes from the "default" table are never seen by
starter. Starter may miss the default route even if it's set. Thus, default
routes are now read from the "main" and the "default" table.
The way this code behaves if more than one default route is found is slightly
different to before. Instead of bailing out it just chooses the one with the best
metric. I thought this was be a reasonable change.
2009-09-15 12:55:25 +02:00
Martin Willi