Andreas Steffen
676e862487
fixed another printf statement
2013-04-09 15:16:49 +02:00
Andreas Steffen
1a185ae14b
fixed printf statements
2013-04-08 22:21:14 +02:00
Andreas Steffen
12fa1784d0
emit a single assig_vips bus message for all VIPs
2013-04-06 14:16:30 +02:00
Andreas Steffen
ba2880d569
ifmap plugin subscribes to assing_vip bus signal
2013-04-06 11:09:41 +02:00
Tobias Brunner
5cb4f5519b
Added missing sasl Doxygen group
2013-04-05 16:03:39 +02:00
Tobias Brunner
14edee56bf
unity: Check IKE_SA in only after enumerating virtual IPs
2013-04-05 16:03:10 +02:00
Andreas Steffen
8dade2d146
fixed configure options
2013-04-04 21:09:07 +02:00
Andreas Steffen
2a4915e87a
cleaned up XML code in tnccs-11 plugin
2013-04-04 17:12:07 +02:00
Martin Willi
9c84bbcbc0
duplicheck: track multiple IKE_SAs in checking state to avoid any races
...
When two consequent duplicates have been detected, track state of each checking
IKE_SA separately, avoiding potential race conditions between the active SA
and the different SAs in checking state.
2013-04-04 15:51:48 +02:00
Andreas Steffen
93f53a78b5
fixed memory leak
2013-04-03 21:38:04 +02:00
Andreas Steffen
3ea6fcb593
properly handle orphaned renewSession jobs
2013-04-03 21:38:04 +02:00
Andreas Steffen
91503c2112
support chunked HTTP responses
2013-04-03 21:38:04 +02:00
Andreas Steffen
1044710b04
implemented periodic IF-MAP RenewSession request
2013-04-03 21:38:04 +02:00
Martin Willi
bee8b5e385
Refactor check_for_rekeyed_child() in quick_mode task
2013-04-03 17:08:00 +02:00
Martin Willi
ac48d9e458
Reuse reqid of an existing Quick Mode, even if it has been rekeyed
...
If two peers rekey Quick Modes at the same time, the original Quick Mode is
in REKEYING state and hence the requid is not reused. This is required though,
as two identical policies won't work if they have different requids.
2013-04-03 15:56:26 +02:00
Martin Willi
7f4f1e8249
List all stroke counters when "all" is given, and report if connection not known
2013-04-03 14:58:08 +02:00
Martin Willi
bee6515a28
Defer CHILD_SA rekeying if allocating an SPI fails
2013-04-03 12:25:27 +02:00
Martin Willi
3f4300ed1e
Accept a certificate/key pair to use client authentication in tls_test
2013-04-02 16:09:17 +02:00
Andreas Steffen
e019fa60b7
version bump to 5.0.3
2013-04-02 08:55:40 +02:00
Andreas Steffen
d4a1ae3af1
allow retrieval of private keys from other credential sets
2013-04-02 08:55:40 +02:00
Andreas Steffen
c2c4125cde
improve checking of sent and received http messages
2013-04-02 08:55:40 +02:00
Tobias Brunner
96ad2b17b0
Updated strongswan.conf(5) man page
2013-04-01 16:56:47 +02:00
Tobias Brunner
eca499f3d9
Load raw keys before possibly destroying the identity
...
If no identity (or %any) is configured the identification_t object is
destroyed and an invalid object was associated with the created pubkey
certificate.
Actually using %any does not work as the certificate would not match
when the client later provides an identity.
2013-04-01 13:48:34 +02:00
Tobias Brunner
a009aedb0b
ipseckey: Use proper daemon name for enable option
2013-04-01 13:46:09 +02:00
Tobias Brunner
53ac177cde
Properly handle situation if no resolver plugins are loaded
2013-04-01 13:44:04 +02:00
Andreas Steffen
5a516a83da
fixed capability metadata
2013-03-31 22:15:42 +02:00
Andreas Steffen
fec7c824b8
fix start of wpa_supplicant
2013-03-31 19:48:07 +02:00
Andreas Steffen
0cf4dc53c7
updated strongswan.conf man page for tn_ifmap plugin
2013-03-31 19:05:53 +02:00
Andreas Steffen
45e2be2399
renamed tnc_ifmap2 plugin to tnc_ifmap
2013-03-31 16:37:30 +02:00
Andreas Steffen
bde8e287d9
removed obsoleted tnc_ifmap plugin
2013-03-31 16:07:08 +02:00
Andreas Steffen
4581767493
implemented http basic authentication
2013-03-31 15:59:32 +02:00
Andreas Steffen
e8675cb35d
parse IF-MAP server URI
2013-03-31 11:39:06 +02:00
Andreas Steffen
4f4875ff13
implemented publish_enforcement_report and endSession methods
2013-03-30 13:19:27 +01:00
Andreas Steffen
628fee4563
implemented publish_ike_sa method
2013-03-30 09:15:16 +01:00
Andreas Steffen
c6f9b1fb1f
ifmap message type is known
2013-03-30 08:22:33 +01:00
Andreas Steffen
b02bdc1e06
implemented publish_device_ip method
2013-03-30 08:11:10 +01:00
Andreas Steffen
14bf3cc1bd
added IF-MAP SOAP error handling
2013-03-30 08:10:39 +01:00
Andreas Steffen
cd13c9a90f
created tnc_ifmap2_soap_msg class
2013-03-29 23:09:11 +01:00
Andreas Steffen
b885c3cde6
implement NewSession and PurgePublisher messages using the libxml2 library
2013-03-29 22:29:12 +01:00
Andreas Steffen
e99aab35de
set up a new IF-MAP session
2013-03-29 09:42:06 +01:00
Andreas Steffen
5a8dd63433
fixed typo
2013-03-27 22:56:37 +01:00
Tobias Brunner
54781f5f34
Fixed Doxygen comment in eap_radius plugin
2013-03-27 11:08:55 +01:00
Tobias Brunner
ae8ac58c45
Fix detection and use of netinet/ip6.h on FreeBSD
2013-03-27 09:56:48 +01:00
Tobias Brunner
613fb0b494
Don't set USE_ATTR_SQL when the sql plugin is enabled only
2013-03-27 07:47:53 +01:00
Tobias Brunner
419a9a4fcd
Make some private functions in plugins static
...
Fixes monolithic build.
2013-03-27 07:32:55 +01:00
Martin Willi
c59f3dcb68
Use new strongSwan HA kernel patchset keeping iptables ABI
...
Allows us to install stock debian iptables without the need for patching and
compiling our own.
2013-03-26 10:31:29 +01:00
Martin Willi
b5f3c1f785
Define SSHCONF from strongswan testing directory, not TESTDIR
...
This fixes the use of SSHCONF in the ssh wrapper script before ./do-tests
had a chance to create the required symlinks.
2013-03-26 10:31:29 +01:00
Martin Willi
0ba8842348
Lazy unmount guest filesystem after building image, as it still might be busy
2013-03-26 10:31:29 +01:00
Tobias Brunner
51caeeb161
crypt_burn: Proper cleanup
2013-03-25 18:40:32 +01:00
Tobias Brunner
d4f2f3dd7f
crypt_burn: Fix loop condition for regular crypters
2013-03-25 18:40:31 +01:00