Andreas Steffen
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
Tobias Brunner
d070e0a6d1
Do not install trap policy if remote host is %any.
2010-05-28 15:43:12 +02:00
Andreas Steffen
e8960c2a99
be lenient towards wrong attribute encodings
2010-05-28 15:07:21 +02:00
Martin Willi
2e08be79a3
Send empty SIM/AKA-NOTIFICATION response for non-success codes, too
2010-05-27 15:04:25 +02:00
Martin Willi
ddf29f5b07
Added support for reading raw PUT/POST data from HTTP request
2010-05-27 09:30:14 +02:00
Martin Willi
f00a101590
Unwrap subjectKeyIdentifier from OCTET_STRING
2010-05-26 16:09:50 +02:00
Andreas Steffen
bd371ccac7
remove x509 plugin from remaining openssl-ikev2 scenarios
2010-05-25 15:49:58 +02:00
Andreas Steffen
2996cb3163
openssl-ikev2/rw-cert scenario doesn't need x509 plugin any more
2010-05-25 15:26:46 +02:00
Andreas Steffen
e2bd6b616e
several subnets can be concatenated
2010-05-22 22:53:24 +02:00
Andreas Steffen
2111dc1b84
added --showattr command to usage()
2010-05-22 10:46:15 +02:00
Martin Willi
24632bc0e8
Fixed compiler warning in invocation of crl_is_newer()
2010-05-21 16:41:13 +02:00
Martin Willi
09f38ebe54
Use CAs subjectKeyIdentifier as CRLs authorityKeyIdentifier
2010-05-21 16:38:19 +02:00
Martin Willi
0c73ceff0a
Added a --signcrl command to the pki utility
2010-05-21 16:25:51 +02:00
Martin Willi
13c593f126
Added support for CRL generation to x509 plugin
2010-05-21 16:25:51 +02:00
Martin Willi
aab861608a
Removed is_newer() from certificate_t, obsoleting all implementations
2010-05-21 16:25:51 +02:00
Martin Willi
8029e5efd2
Added generic implementations for crl_is_newer/certificate_is_newer
2010-05-21 16:25:51 +02:00
Martin Willi
654218a31b
Migrated x509_crl_t to INIT/METHOD macros
2010-05-21 16:25:51 +02:00
Martin Willi
6d7eed9a37
Implemented X.509 CRL reading using OpenSSL
2010-05-21 16:25:51 +02:00
Martin Willi
5728c6aa7e
Implemented X.509 certificate reading using OpenSSL
2010-05-21 16:25:51 +02:00
Andreas Steffen
3e3059ba7c
oops, removed stray parenthesis
2010-05-20 17:39:10 +02:00
Martin Willi
9806381322
Fixed doxygen group
2010-05-20 17:37:18 +02:00
Martin Willi
40b2be16e3
Whitelist OpenSSLs ERR_put_error() in leak-detective
...
As we do not invoke ERR_get/clear_error() in all error cases, the
error codes are not removed from the error queue. But it is save
to whitelist the put function, as it uses a circular buffer that
does not grow beyond ERR_NUM_ERRORS errors (16 by default).
2010-05-20 17:37:18 +02:00
Martin Willi
2e57b21252
Added a --print command to pki that dumps different credentials
2010-05-20 17:37:18 +02:00
Martin Willi
091d178060
Option to skip slow addr2line resolution in leak-detective
2010-05-20 17:37:18 +02:00
Andreas Steffen
36c1650b19
range check for configuration attribute types
2010-05-20 17:35:10 +02:00
Andreas Steffen
c2d10df6e7
implement ipsec pool -showattr function
2010-05-20 17:24:43 +02:00
Andreas Steffen
05f1096cd8
removed deprecated use of ipsec pool --attr|del dns|nbns from usage()
2010-05-20 16:30:15 +02:00
Tobias Brunner
e3dd6b1475
Only include C files that start with the plugin name when building for Android.
2010-05-20 12:01:12 +02:00
Andreas Steffen
c5c6f9b6da
added ipsec pool attribute support to NEWS
2010-05-19 21:53:55 +02:00
Andreas Steffen
ad6dbc41e5
management of any attribute by ipsec pool
2010-05-19 21:51:21 +02:00
Andreas Steffen
b596f4f260
updated ikev1/rw-cert scenario to support xauth integrity test
2010-05-19 08:31:39 +02:00
Andreas Steffen
f71cb4777e
checksum_builder() needs the pluto symbol
2010-05-19 08:02:22 +02:00
Andreas Steffen
73434ce9eb
updated ikev1/xauth-rsa-mode-config scenario to support xauth plugin
2010-05-18 22:57:12 +02:00
Andreas Steffen
1fe5d973cb
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:56:42 +02:00
Andreas Steffen
17adc8d074
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:48:37 +02:00
Andreas Steffen
ab0ecb7dd9
register virtual IPs under the XAUTH identity
2010-05-18 22:41:22 +02:00
Andreas Steffen
efde96b38e
updated ikev1/xauth-rsa-nosecret scenario to support xauth plugin
2010-05-18 20:20:55 +02:00
Andreas Steffen
4f1110ab7b
created ikev1/xauth-id-psk scenario
2010-05-18 20:04:52 +02:00
Andreas Steffen
dc5d63a599
updated ikev1/xauth-psk scenario to support xauth plugin
2010-05-18 20:04:02 +02:00
Andreas Steffen
8d7fffc942
clarified secret loading debug output
2010-05-18 16:54:25 +02:00
Andreas Steffen
8ebc3da64c
updated ikev1/xauth-rsa-fail scenario to xauth plugin
2010-05-18 16:54:25 +02:00
Andreas Steffen
2549ff7849
created ikev1/xauth-id-rsa scenario using XAUTH identities
2010-05-18 16:54:25 +02:00
Andreas Steffen
0a6085b13e
updated ikev1/xauth-rsa scenario to xauth plugin
2010-05-18 16:54:25 +02:00
Tobias Brunner
9ffb475e5d
Typo fixed.
2010-05-18 13:59:23 +02:00
Andreas Steffen
26ec52a405
implemented xauth as a pluto plugin
2010-05-18 13:51:27 +02:00
Martin Willi
ea409980b9
Handle collisions between rekey and the following delete properly
2010-05-18 12:21:38 +02:00
Martin Willi
d235274486
Added simple conditional packet receive delay
2010-05-18 12:21:05 +02:00
Martin Willi
45def2147b
Added simple conditional packet send delay
2010-05-18 12:20:32 +02:00
Martin Willi
42df8beeb6
Explicitly link gpg-error to gcrypt plugin
2010-05-17 12:36:30 +02:00
Martin Willi
322226c0ce
Link to libgpg-error to resolve additional symbols when testing for libgcrypt
2010-05-17 11:08:13 +02:00