Martin Willi
6150efa885
Added charon to .gitignore
2010-03-19 17:17:54 +01:00
Tobias Brunner
d92b337fe9
Do not indent the source file lists in Android.mk files so we can easily compare them to the lists in the Makefile.am files.
2010-03-19 13:34:53 +01:00
Tobias Brunner
0f5a043989
Use wildcards to gather plugin source files.
2010-03-19 13:34:53 +01:00
Tobias Brunner
52c7257366
Adding support for the build of libcharon (and charon) on Android.
2010-03-19 13:34:53 +01:00
Tobias Brunner
78060ba063
Do not link libcharon to libstrongswan.
...
Linking to libstrongswan breaks the integrity-tests because libtool
relinks libcharon to libstrongswan on install, thus changing the
checksum.
2010-03-19 13:34:53 +01:00
Tobias Brunner
ef87a61efd
Explicitly link charon to libstrongswan.
...
Also fixed the reference to the pthread library.
2010-03-19 13:34:53 +01:00
Gerd von Egidy
454faa47de
Don't indirectly link dependent libraries.
...
The default behaviour for ld allows users to 'indirectly' link to required
objects/libraries through intermediate objects/libraries. While this is
convenient, it can also be dangerous because it makes your program's
dependencies tied to the dependencies of other objects.
Beginning with Fedora 13 this will be changed and you need to explicitly
link all dependent libraries.
More details can be found here:
http://fedoraproject.org/wiki/UnderstandingDSOLinkChange
This patch fixes all such cases in strongSwan.
2010-03-19 13:34:53 +01:00
Tobias Brunner
02222dfa65
Make integrity tests compatible with libcharon.
...
This does currently not work because libtool relinks libcharon on
install, thus changing the checksum.
2010-03-19 13:34:53 +01:00
Tobias Brunner
349fa52852
Replacing the original charon with a small wrapper around libcharon.
2010-03-19 13:34:52 +01:00
Tobias Brunner
bd3f8ea30b
Convert charon into libcharon.
2010-03-19 13:34:52 +01:00
Tobias Brunner
08c5572602
Moving charon to libcharon.
2010-03-19 13:34:52 +01:00
Martin Willi
7c11d10eb8
Removed strayed code fragment
2010-03-19 10:25:12 +01:00
Heiko Hund
437690f897
ipsec pool --batch command
...
Introduce the --batch command which reads several ipsec pool commands
and their arguments from a file or STDIN. Useful if you need to run
serveral commands atomically from a configuration daemon or likewise.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:40 +01:00
Heiko Hund
a90ed06f8a
ipsec pool error return status
...
Fix the error return status of the ipsec pool command. Also make --del for
attributes succeed if no --server option was given.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:35 +01:00
Heiko Hund
ef9f69a2b9
ipsec pool --replace command
...
Introduce the pool --replace command as an alternative to --add. Also change
the current behavior of allowing duplicate pool names so that, --add with
an existing name fails and --replace removes the existing pool before
adding the new one.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:29 +01:00
Heiko Hund
49a452e3a2
--addresses option for ipsec pool --add command
...
Introduce the --addresses option for --add that can be used to add a pool
containing non-contiguous addresses. Additionally it allows to preclaim
certain addresses for certain roadwarrior IDs. See the second chunk of
the patch for a more detailed description.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:26 +01:00
Martin Willi
f0da32c58d
Introduced ipsec.conf NTLM keyword for NT hashes
2010-03-17 18:51:00 +01:00
Martin Willi
a7fb418edd
EAP-MSCHAPv2 can use stored NT hashes in addition to plaintext passwords
2010-03-17 18:50:53 +01:00
Thomas Egerer
d266e8953e
lookup exclusion for several arbitrary routing tables
2010-03-17 10:08:02 +01:00
Tobias Brunner
7b1fc2f7cf
Fixing a compiler warning when building with -Wextra.
2010-03-16 12:42:58 +01:00
Andreas Steffen
a3316c2b9f
setting the two most significant bits assures an RSA modulus of maximum bit size
2010-03-15 15:13:26 +01:00
Andreas Steffen
c0df187cb4
we don't accept a serial number with leading zeroes
2010-03-14 19:41:40 +01:00
Tobias Brunner
d5f1b9b3c1
Reordered the name and sname construction.
2010-03-12 17:34:32 +01:00
Tobias Brunner
01b87c2bc1
Fixed a bug in pluto's x509 handling.
...
This bug would have lead to a segmentation fault, if no public key could
have been extracted from a certificate.
2010-03-12 17:28:20 +01:00
Andreas Steffen
4cedab5ad7
deleted old strongSwan VIDs
2010-03-12 03:29:18 +01:00
Andreas Steffen
0ef84e5e4d
enable build of socket-default plugin
2010-03-11 21:53:18 +01:00
Andreas Steffen
44f1024705
mixed IKEv1/IKEv2 scenarios require socket-raw
2010-03-11 21:32:36 +01:00
Martin Willi
520f6b846a
Added a very minimalistic SMTP client to send mails via a local Exim
2010-03-11 10:51:16 +01:00
Martin Willi
0fa7d1abb3
Do not disable the default-socket if it was enabled explicitly
2010-03-11 08:52:48 +01:00
Martin Willi
81e9e75940
Set a xy_given variable for a --enable/disable-xy option
...
This additional variable allows a check if an option was
explicitly given or implicitly set using the default.
2010-03-11 08:50:12 +01:00
Martin Willi
a3920abb76
Add a getter for the HTTP referer
2010-03-10 15:09:12 +01:00
Andreas Steffen
d12ad4748a
fix 64bit issue with time_t from database
2010-03-10 10:46:49 +01:00
Tobias Brunner
a5166b16a1
Adding socket-default to the plugin list in all test cases.
2010-03-09 17:43:21 +01:00
Tobias Brunner
908d571796
Provide the Diffie Hellman parameters from a central location, so that we do not have to replicate them in every plugin that implements the DH interface.
...
The main reason for this change is that Android's libcrypto does not
include the get_rfcX_prime_Y functions by default. Therefore we would
have had to replicate the primes a third time.
2010-03-09 17:15:16 +01:00
Tobias Brunner
38031382dc
Adding the OpenSSL plugin to the Android build.
2010-03-08 17:21:46 +01:00
Tobias Brunner
16c8442a3e
Fixing integrity tests after renaming the plugin constructors.
2010-03-08 15:34:38 +01:00
Tobias Brunner
d543d9cadf
Adding a helper function that translates single characters in a string.
2010-03-08 15:34:38 +01:00
Tobias Brunner
d14203b009
Replaced the deprecated RSA_generate_key with RSA_generate_key_ex.
2010-03-08 15:34:38 +01:00
Martin Willi
40f130dab3
Implemented the PRF_KEYED_SHA1 algorithm in the openssl plugin
2010-03-08 13:16:12 +01:00
Martin Willi
33e4ee59ed
Removed accidentally commited files from tree, ignore tarballs and patches
2010-03-08 09:36:46 +01:00
Andreas Steffen
31bd75ec64
removed unwanted commits
2010-03-07 21:11:57 +01:00
Andreas Steffen
ceeb9bac8b
critical keyUsage extension must be parsed
2010-03-07 20:51:34 +01:00
Andreas Steffen
469d448333
recognize strongSwan VID
2010-03-07 17:52:04 +01:00
Andreas Steffen
1ec8f22de2
set Certificate Sign and CRL Sign flags in keyUsage extension if CA is true
2010-03-07 17:27:53 +01:00
Tobias Brunner
3bcfb271a3
Make Android.mk depend on configure.in, so it gets rebuilt if the version number got changed.
2010-03-05 14:59:29 +01:00
Tobias Brunner
d6731a0f26
parser.l includes y.tab.h, so it must be built first
2010-03-05 14:59:22 +01:00
Tobias Brunner
73f5940b1c
Ignore the generated y.output.
2010-03-05 14:47:08 +01:00
Tobias Brunner
551b02029e
Do not hardcode the path to the strongSwan sources.
2010-03-05 14:47:08 +01:00
Tobias Brunner
de64e2166d
Ignore the generated Android.mk
2010-03-05 14:47:08 +01:00
Tobias Brunner
807c12ce66
Generate the main Android.mk, so the version number is not hardcoded.
...
We include the generated file in the distribution, so users won't
have run configure if they are building for Android.
2010-03-05 14:46:59 +01:00