Andreas Steffen
|
133accfcfd
|
differentiate between TLS messages and EAP-[T]TLS packets in the debug output
|
2010-08-10 19:02:05 +02:00 |
|
Martin Willi
|
07d2b39123
|
Parse important extendedKeyUsage flags in openssl plugin
|
2010-08-10 18:46:31 +02:00 |
|
Martin Willi
|
a0a8aaaf4f
|
Parse UPN subjectAltName in openssl plugin
|
2010-08-10 18:46:31 +02:00 |
|
Martin Willi
|
772cba39e4
|
Parse UPN subjectAltNames in x509 plugin
|
2010-08-10 18:46:31 +02:00 |
|
Martin Willi
|
82f62a7447
|
Added Microsoft OID for user principal name (UPN) subjectAltNames
|
2010-08-10 18:46:31 +02:00 |
|
Martin Willi
|
3d711a68fb
|
Added a stroke command to export cached x509 certificates to the console
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
a944d2092b
|
Use bits instead of bytes for a private/public key
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
33ddaaabec
|
Added support for different encryption schemes to private/public keys
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
3547a9b87d
|
Migrated agent plugin to INIT/METHOD macros
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
57202484e4
|
Migrated remaining classes in openssl plugin to INIT/METHOD macros
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
646babd354
|
Migraded gcrypt plugin to INIT/METHOD macros
|
2010-08-10 18:46:30 +02:00 |
|
Martin Willi
|
876b61e132
|
Migrated gmp plugin to INIT/METHOD macros
|
2010-08-10 18:46:30 +02:00 |
|
Tobias Brunner
|
6432669fa2
|
Added support for early and late calls to Vstr wrappers.
That is, prevent a SIGSEGV if Vstr wrappers are called before printf_hook_t
is initialized and after it is destroyed.
|
2010-08-10 13:00:20 +02:00 |
|
Martin Willi
|
478eb66030
|
Fixed settings lookup if the section/key contains dots, second try
|
2010-08-09 14:30:16 +02:00 |
|
Andreas Steffen
|
3810afa9f9
|
log final TLS acknowledgement packet
|
2010-08-08 19:14:53 +02:00 |
|
Andreas Steffen
|
ded59df4fc
|
added level 2 debug info on sent TLS packets
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
ab47a7924b
|
log EAP-TTLS version
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
a622c6d019
|
fixed typo
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
a6444fcdd4
|
EAP-TLS and EAP-TTLS use different constant MSK PRF label
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
b4d30a425e
|
support server authentication only for EAP-TTLS
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
26eb9b2d17
|
added eap_ttls plugin configuration
|
2010-08-07 11:26:04 +02:00 |
|
Tobias Brunner
|
fa9f101345
|
Properly initialize libstrongswan in _copyright.
This is required if libvstr is used.
|
2010-08-06 19:56:42 +02:00 |
|
Tobias Brunner
|
7c3dd613d7
|
Added missing Vstr wrappers for asprintf.
|
2010-08-06 19:56:42 +02:00 |
|
Martin Willi
|
7c03d707a5
|
Create a PKCS#11 session public key if we don't find one
|
2010-08-06 17:32:32 +02:00 |
|
Martin Willi
|
fed9407bb1
|
Implemented PKCS#11 RSA public key for keys found on a token
|
2010-08-06 17:02:41 +02:00 |
|
Martin Willi
|
babed73257
|
Export scheme_to_mechanism conversion function
|
2010-08-06 17:02:01 +02:00 |
|
Martin Willi
|
a02784da5d
|
Load certificate after enumeration
|
2010-08-06 17:00:23 +02:00 |
|
Jiri Bohac
|
30d8e8d04d
|
fix error-type range in parsing of NOTIFY payloads
|
2010-08-06 11:47:35 +02:00 |
|
Andreas Steffen
|
fd8ad4198d
|
added TTLS to EAP short names, too
|
2010-08-06 06:06:40 +02:00 |
|
Andreas Steffen
|
f32e56bbce
|
added EAP_TTLS method
|
2010-08-05 21:01:39 +02:00 |
|
Andreas Steffen
|
6ac797ad3a
|
added ikev2/rw-eap-tls-radius
|
2010-08-05 19:28:06 +02:00 |
|
Martin Willi
|
37d2d7e158
|
Whitespace cleanups
|
2010-08-05 13:58:49 +02:00 |
|
Martin Willi
|
e85bca7f22
|
Use certificate subject to get a public key of the TLS server
|
2010-08-05 13:13:45 +02:00 |
|
Andreas Steffen
|
6b717cc28d
|
no need for strongSwan VID since the EAP_ONLY notification has been officially registered with IANA
|
2010-08-05 12:47:09 +02:00 |
|
Tobias Brunner
|
edb82ab8ae
|
Some Doxygen fixes.
|
2010-08-05 11:53:53 +02:00 |
|
Andreas Steffen
|
7ea87db00d
|
added some more TLS debug output
|
2010-08-05 09:51:05 +02:00 |
|
Andreas Steffen
|
7030e3950a
|
fixed type in cipher suite list build
|
2010-08-05 01:26:10 +02:00 |
|
Andreas Steffen
|
4657b3a42a
|
log selected TLS version and cipher suite
|
2010-08-05 01:21:59 +02:00 |
|
Andreas Steffen
|
289c9ac3d7
|
log TLS handshake messages in debug level 2
|
2010-08-04 16:55:55 +02:00 |
|
Tobias Brunner
|
744b83c7c9
|
Fixed loading of secrets with IDs.
Since the ID string is manually terminated by a null character, write
permission is required for the mmapped ipsec.secrets.
|
2010-08-04 16:03:46 +02:00 |
|
Tobias Brunner
|
dca2d89209
|
Fixed loading of private keys without password.
The chunk storing the password was not correctly initialized, resulting
in a segmentation fault when no password was specified in ipsec.secrets.
|
2010-08-04 14:22:48 +02:00 |
|
Tobias Brunner
|
83628fd600
|
Accept EAP_ONLY_AUTHENTICATION notifies from any client, now that IANA allocated an ID.
|
2010-08-04 12:58:53 +02:00 |
|
Andreas Steffen
|
8e7920eea1
|
generated aaa certificate
|
2010-08-04 12:44:47 +02:00 |
|
Tobias Brunner
|
12549bedea
|
IKEv2 notification types updated.
|
2010-08-04 10:06:00 +02:00 |
|
Martin Willi
|
e82186fb5a
|
Reimplemented mem pool to support multiple leases for a single identity
|
2010-08-04 09:49:59 +02:00 |
|
Martin Willi
|
6e4f4d2fdf
|
Save/Load state of PKCS#11 hasher
|
2010-08-04 09:26:22 +02:00 |
|
Martin Willi
|
83e52fd12d
|
Register hmac/xcbc algorithms after potentially underlying PKCS#11
|
2010-08-04 09:26:22 +02:00 |
|
Martin Willi
|
a3aeb89227
|
Do initial slot enumeration manually
|
2010-08-04 09:26:22 +02:00 |
|
Martin Willi
|
0f0fc891d8
|
Implemented hasher_t using PKCS#11
|
2010-08-04 09:26:22 +02:00 |
|
Martin Willi
|
66267ea515
|
Defer certificate loading until all PKCS#11 modules are loaded
|
2010-08-04 09:26:21 +02:00 |