Martin Willi
eb8ed130af
added a trap-manager to handle routed policies outside of IKE_SAs
2009-05-08 10:03:58 +02:00
Tobias Brunner
d24a74c5b4
merging changes from portability branch back to trunk
...
important change for developers: %Y replaces %D to print identities!
2009-04-30 11:37:54 +00:00
Martin Willi
be0a03be64
set default CFLAGS globally, including -Wno-format
2009-04-27 11:34:07 +00:00
Martin Willi
568ced956c
prefer nm plugin over resolv-conf
2009-04-27 10:46:51 +00:00
Martin Willi
7f56b49461
attribute_manager supports attribute_handler's to handle configuration attributes via plugins
...
moved resolv.conf editing to a separate plugin (resolv_conf)
extended attribute_provider interface to hand out arbitrary attributes
moved strongswan.conf based dns/nbns configuration to a plugin (attr)
2009-04-24 14:13:52 +00:00
Andreas Steffen
08b2d288a1
scepclient and pluto use asn1 from libstrongswan
2009-04-20 20:53:38 +00:00
Martin Willi
e8a0be4895
fixed proposal_keywords.c generation in out-of-tree builds
2009-04-14 10:49:12 +00:00
Martin Willi
a44bb9345f
merged multi-auth branch back into trunk
2009-04-14 10:34:24 +00:00
Martin Willi
4a6b84a934
reintegrated eap-radius branch into trunk
2009-03-24 10:24:58 +00:00
Tobias Brunner
f98cdf7a47
adding plugin for EAP-MS-CHAPv2
2009-02-18 19:57:15 +00:00
Tobias Brunner
ea625fabf9
merging kernel_klips plugin back into trunk
2008-11-11 09:22:00 +00:00
Andreas Steffen
ef6d339c09
migrate_job() finds a matching child_cfg
2008-11-03 02:05:41 +00:00
Martin Willi
6a4ff35cc4
moved key derivation and management into keymat object
...
allows secured implementation of key management (e.g. in kernel or HW)
only IKE keys for now
2008-10-28 16:07:06 +00:00
Martin Willi
0fd6e95562
a load testing plugin, to:
...
find multi-threading issues
do performance profiling
2008-10-21 13:00:38 +00:00
Martin Willi
ad3af574a4
moved updown script invocation to an optional plugin
2008-10-16 11:48:18 +00:00
Tobias Brunner
1adaa02bb2
merging kernel_pfkey plugin back from kernel-interface branch
2008-10-14 08:46:31 +00:00
Martin Willi
79a878466c
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
Martin Willi
aa9a300677
userland support to process notifies for new NAT mappings detected in UDP encapsulation
2008-10-07 07:55:28 +00:00
Andreas Steffen
09d7ef2614
added --disable-kernel-netlink configure option
2008-10-03 03:27:42 +00:00
Tobias Brunner
a341a68fac
merging renaming of mode_t to ipsec_mode_t back to trunk
2008-09-25 13:56:23 +00:00
Tobias Brunner
507f26f685
merging modularized kernel interface back to trunk
2008-09-25 07:56:58 +00:00
Martin Willi
eb3e27059b
use libcap for capability dropping
...
optional, must be enabled --with-capabilities=libcap
will be extended to support --with-capabilities=libcap2
2008-08-29 09:24:14 +00:00
Martin Willi
1caa265c61
a (incomplete) implementation of draft-sheffer-ikev2-gtc-00.txt using PAM
2008-08-21 12:10:07 +00:00
Martin Willi
6dbce9c803
reimplemented dbus plugin for NetworkManager 0.7, renamed to nm
2008-07-31 11:16:14 +00:00
Martin Willi
6b64fe2684
loading unit-tester plugin as the last one
2008-07-21 11:16:07 +00:00
Martin Willi
364fca2cee
fixed identation
2008-06-19 11:50:13 +00:00
Martin Willi
61c4638646
first simple prototype of a UCI configuration plugin for OpenWRT
2008-06-17 14:17:51 +00:00
Tobias Brunner
ea0823dffd
ECDSA with OpenSSL
2008-06-10 09:08:27 +00:00
Andreas Steffen
eaa1399812
fixed the strongswan.conf path
2008-05-22 21:59:30 +00:00
Martin Willi
da1bc5e860
fixed loading of smp plugin
2008-05-19 14:20:07 +00:00
Martin Willi
99968bf0a0
fixed plugin names of EAP modules
2008-05-16 12:14:48 +00:00
Martin Willi
1ba62b5562
loading default modules depending on configure options
2008-05-16 08:52:32 +00:00
Martin Willi
782db7edd1
prototype of mediation client database plugin
2008-05-14 07:26:19 +00:00
Martin Willi
5b7ec6d4e0
renamed med_db plugin to medsrv, as we will introduce an additional medcli client plugin
2008-05-08 12:11:30 +00:00
Martin Willi
82d8368bd7
build plugins after daemon/libstrongswan
2008-04-15 07:57:01 +00:00
Martin Willi
cdcfe777f4
implementation of an CFG attribute framework, currently supporting virtual IPs
...
updated ipsec.conf sourceip parameter to support
CIDR notatation to serve from a pool
%poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Martin Willi
9e72d3bcaf
defining ME globally, as we need it in plugins
2008-03-31 15:01:43 +00:00
Martin Willi
6b9290ff12
renamed xml plugin to smp to avoid confusion
...
added some dependency checks to configure
configure checks ClearSilver and fastcgi
cleanups in the build system here and there
2008-03-28 12:44:01 +00:00
Tobias Brunner
dc04b7c743
mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed
2008-03-26 18:40:19 +00:00
Martin Willi
dfd5cdcb88
cert_cache_t caches subject-issuer relations and subject certificates
...
ocsp/crl do not benefit yet due missing lookup function
2008-03-20 14:31:36 +00:00
Martin Willi
48acfe98ae
refactored trustchain verification, this should fix #33
...
moved auth_info/ocsp_response credset wrapper to separate files
2008-03-19 17:54:54 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
Andreas Steffen
663fedbe44
implemented IKEV2 EAP-SIM server and client test module that use triplets stored in a file. For details see the scenario 'ikev2/rw-eap-sim-rsa'
2008-02-04 14:52:06 +00:00
Martin Willi
26e2467692
ported EAP-AKA branch into trunk
2007-12-13 10:54:29 +00:00
Martin Willi
4b403e7672
merged EAP-MD5 into trunk
2007-12-12 14:29:10 +00:00
Martin Willi
cbfb2aff50
added more ./configure build options for
...
EAP-Identity module
ipsec tools (openac, scepclient)
optional charon/pluto build
charon stroke interface
2007-12-03 14:47:15 +00:00
Martin Willi
7805ad302d
moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload order)
2007-12-03 10:52:18 +00:00
Martin Willi
8e78e43220
added a "libcharon-" prefix to plugins to avoid conflicts
2007-12-03 09:03:22 +00:00
Martin Willi
733f336ad3
socket_t implementation withouth raw sockets
...
--disable-raw-socket configure option
prevents charon/pluto to run in parallel
2007-11-26 11:20:00 +00:00
Tobias Brunner
d5cc175833
experimental P2P-NAT-T for IKEv2 merged back from branch
2007-10-03 15:10:41 +00:00