Tobias Brunner
5ee0747cfd
autoconf: Split PACKAGE_VERSION in four parts
...
The parts can be accessed with the variables:
PACKAGE_VERSION_MAJOR
PACKAGE_VERSION_MINOR
PACKAGE_VERSION_BUILD
PACKAGE_VERSION_REVIEW
The last part will be empty for regular releases.
2013-09-02 11:30:24 +02:00
Tobias Brunner
10a69c32c2
conftest: Fix hook constructor resolution via dlsym()
...
AM_CPPFLAGS only takes preprocessor flags like -I or -D, so it did not
forward -rdynamic to the linker (--export-dynamic), which meant that the
symbols defined in the executable itself were not resolvable via dlsym().
Fixes #394 .
2013-08-30 19:45:51 +02:00
Andreas Steffen
4e2a176229
SWID IMC implements recursive tag collection in /usr/share
2013-08-30 16:25:55 +02:00
Tobias Brunner
2a7a9471dd
aes-test: Rename crypt() as it conflicts with a library function on Mac OS X
...
unistd.h on Linux defines this only if _XOPEN_SOURCE is defined.
2013-08-30 08:51:09 +02:00
Mathias Krause
45b80880f8
kernel-pfroute: Fix mixed up memset() call in get_route()
...
The retry code introduced in dc8b083
got the memset() arguments wrong.
Fix this to ensure the buffer gets zeroed, for real.
It probably doesn't matter as we do reset the message length on retry, so
the stale data shouldn't be seen by anyone.
Found-by: git grep 'memset\s*\([^,]*,\s*[^,]*,\s*0\s*\)'
2013-08-29 18:56:39 +02:00
Martin Willi
b656f63efe
testing: support a .gitignored testing.conf.local for site-local configurations
2013-08-29 15:55:23 +02:00
Martin Willi
a0cd955f42
charon-xpc: add a note how to build the source tarball
2013-08-29 12:28:54 +02:00
Martin Willi
74ee1120d7
charon-xpc: include and prefer AES-GCM algorithms in ESP proposal
2013-08-29 11:37:07 +02:00
Andreas Steffen
ee2d6f8618
Version bump to 5.1.1dr2
2013-08-28 23:00:47 +02:00
Andreas Steffen
1e82e27ac5
Added TCG-SWID error handling
2013-08-28 22:53:57 +02:00
Andreas Steffen
db4a072ca9
Added scripts/aes-test to .gitignore
2013-08-28 22:52:30 +02:00
Andreas Steffen
7bda0f0c8b
Added tzset memory leak to whitelist
2013-08-28 22:51:17 +02:00
Andreas Steffen
0d9e375193
Selectively enable PT-TLS and/or RADIUS sockets in tnc-pdp plugin
2013-08-26 20:36:07 +02:00
Tobias Brunner
9455f8b386
aes-test: Support test vectors at the end of a file
2013-08-24 16:22:51 +02:00
Tobias Brunner
8972c72237
aes-test: Add script to test AES implementations according to AESAVS/GCMVS
2013-08-24 16:22:51 +02:00
Tobias Brunner
f0c54e8c15
chunk: Print chunks without separator if + modifier is used
2013-08-24 16:22:51 +02:00
Tobias Brunner
32a145fdbd
utils: Add case-insensitive version of strpfx()
2013-08-24 16:22:51 +02:00
Martin Willi
49032d15be
stroke: stop enumerating IKE_SAs in statusall if output stream gets closed
...
If the output stream is not interested in more information, it can close the
the stream. Checking for stream errors avoids useless enumeration of IKE_SAs,
saving resources. This allows to use "ipsec statusall | head" to monitor the
daemon, or stop enumerating IKE_SAs after a specific entry has been found.
2013-08-23 14:27:17 +02:00
Andreas Steffen
03d673620d
Cleaned configuration files in PT-TLS client scenario
2013-08-22 17:24:20 +02:00
Tobias Brunner
d7ae0b254d
kernel: Restore enumeration of all addresses when searching for address in TS
...
Since f52cf07532
addresses on ignored, down or loopback interfaces were
not considered as valid addresses anymore when searching for an address
contained in the local traffic selector. This meant that route
installation failed, for instance, if charon.install_virtual_ip_on was
set to 'lo', or, on gateways, if internal interfaces were ignored with
the charon.interfaces_* options.
2013-08-21 17:01:03 +02:00
Tobias Brunner
85ca2f7441
conftest: Disable reset_seq hook on systems other than Linux
...
Fixes #386 .
2013-08-21 11:27:28 +02:00
Tobias Brunner
e001cc2b07
kernel-netlink: Fix calculation of ESN bitmap length
...
While bmp_len stores the number of u_int32_t the allocated bitmap
actually consists of those integers.
2013-08-21 08:28:12 +02:00
Andreas Steffen
2b32884d39
Added stand-alone pt-tls-client to NEWS
2013-08-19 12:28:12 +02:00
Andreas Steffen
aff4367907
Flush iptables rules on alice
2013-08-19 12:20:57 +02:00
Andreas Steffen
f859645b12
Fixes in tnc scenarios
2013-08-19 11:44:51 +02:00
Andreas Steffen
10c7ca2399
Added tnc/tnccs-20-pt-tls scenario
2013-08-19 11:36:23 +02:00
Andreas Steffen
e626821677
Version bump to 5.1.1dr1
2013-08-19 10:03:23 +02:00
Andreas Steffen
1e92d5f114
Process PB-TNC batches received via PT-TLS asynchronously
2013-08-19 09:52:12 +02:00
Andreas Steffen
9dc3b2053d
Optimize TLS socket buffer for TLS_MAX_FRAGMENT_LEN
2013-08-19 09:50:57 +02:00
Andreas Steffen
70a80ef5d4
Output handler of a given workitem
2013-08-16 14:14:13 +02:00
Andreas Steffen
4d2bac37c4
Implemented SWID Tag Inventory attribute
2013-08-16 14:13:35 +02:00
Andreas Steffen
f405c15a59
deleted moved files
2013-08-15 23:34:23 +02:00
Andreas Steffen
b38d9d5a54
Implemented SWID prototype IMC/IMV pair
2013-08-15 23:34:23 +02:00
Andreas Steffen
0bd29a438e
Updated the SWID attributes
2013-08-15 23:34:23 +02:00
Andreas Steffen
e689de6b8c
Optimized PT-TLS data transfer
2013-08-15 23:34:23 +02:00
Andreas Steffen
6aff4b5ce8
Show host address of peer connecting to PT-TLS socket
2013-08-15 23:34:23 +02:00
Andreas Steffen
0a09b02dcf
Set client identity with TLS certificate authentication
2013-08-15 23:34:23 +02:00
Andreas Steffen
9cc606d22a
Fixed memory leak in SASL PLAIN
2013-08-15 23:34:23 +02:00
Andreas Steffen
663ea1407d
added --optionsfrom capability
2013-08-15 23:34:23 +02:00
Andreas Steffen
7c027f7983
Use client identities from successful authentications, only
2013-08-15 23:34:23 +02:00
Andreas Steffen
d6719c974c
Add pt-tls-client to .gitignore
2013-08-15 23:34:23 +02:00
Andreas Steffen
97b1d39de5
Extract client identity and authentication type from SASL authentication
2013-08-15 23:34:22 +02:00
Andreas Steffen
6d6100c2bc
Added some debug statements
2013-08-15 23:34:22 +02:00
Andreas Steffen
f420d5f380
enabled SASL PLAIN authentication
2013-08-15 23:34:22 +02:00
Andreas Steffen
8327c44b74
PT-TLS connection is properly terminated
2013-08-15 23:34:22 +02:00
Andreas Steffen
12b3db5006
moved tnc_imv plugin to libtnccs thanks to recommendation callback function
2013-08-15 23:34:22 +02:00
Andreas Steffen
9d8c28e2f5
Documented plugin move from libcharon to libtnccs in strongswan.conf
2013-08-15 23:34:22 +02:00
Andreas Steffen
e8f65c5cde
Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon plugins to libtnccs
2013-08-15 23:34:22 +02:00
Andreas Steffen
180a2f2642
rapid PT-TLS AR/PDP prototype
2013-08-15 23:34:22 +02:00
Andreas Steffen
f5b5d262e8
Add PT-TLS interface to strongSwan PDP
2013-08-15 23:34:22 +02:00