Commit Graph

5395 Commits

Author SHA1 Message Date
Martin Willi 6e862e2152 Added PKCS#11 token plugin stub 2010-08-04 09:26:18 +02:00
Andreas Steffen f8bb082f1f added ikev2/rw-eap-tls-only scenario 2010-08-04 08:36:27 +02:00
Andreas Steffen 9dffc26b73 --enable eap-tls and --disable-load-warning in uml build 2010-08-04 07:48:19 +02:00
Tobias Brunner f8029ca3f9 test_cert adapted to extended signature of get_encoding(). 2010-08-03 19:00:56 +02:00
Tobias Brunner 56bceda7b5 Fixed compiler warnings. 2010-08-03 19:00:46 +02:00
Martin Willi 0f82a47063 Moved TLS stack to its own library 2010-08-03 15:39:26 +02:00
Martin Willi 0b71bc7af0 Moved eap-tls plugin to libcharon, updated to 4.4.1 APIs 2010-08-03 15:39:25 +02:00
Martin Willi 400df4ca7c Implemented EAP-TLS server functionality 2010-08-03 15:39:25 +02:00
Martin Willi 97abf95412 TLS stack keeps a copy of server/peer identities 2010-08-03 15:39:25 +02:00
Martin Willi c8a2fca58c Limit the number of EAP-TLS packets allowed 2010-08-03 15:39:25 +02:00
Martin Willi 8fef06a683 Use stricter state handling while processing TLS messages 2010-08-03 15:39:25 +02:00
Martin Willi dc9f34be4d Cleaned up the public TLS interface 2010-08-03 15:39:25 +02:00
Martin Willi 84d67ead4e Refactored commonly used operations into TLS crypto helper 2010-08-03 15:39:25 +02:00
Martin Willi 3e7e777941 Properly send empty EAP-TLS messages 2010-08-03 15:39:25 +02:00
Martin Willi 51313a39d1 Derive MSK for EAP-TLS authentication 2010-08-03 15:39:25 +02:00
Martin Willi 110364b042 Verify Server Finished message 2010-08-03 15:39:25 +02:00
Martin Willi f139b5786f Implemented input record decryption and verification 2010-08-03 15:39:25 +02:00
Martin Willi 84543e6efa Implemented key derivation, output record signing and encryption 2010-08-03 15:39:25 +02:00
Martin Willi 18010de23d Derive master secret, create Finished message 2010-08-03 15:39:25 +02:00
Martin Willi 149b7e6d01 Implemented the TLS specific PRF in its TLSv1.0 and TLSv1.2 variants 2010-08-03 15:39:24 +02:00
Martin Willi 3ddd164e5e Implemented sending of Certificate, ClientKeyExchange, CertificateVerify and ChangeCipherSpec as peer 2010-08-03 15:39:24 +02:00
Martin Willi 3a1640dea1 Implemented a tls_writer class to simplify TLS data generation 2010-08-03 15:39:24 +02:00
Martin Willi 4ef946dd64 Implemented a tls_reader class to simplify TLS data parsing 2010-08-03 15:39:24 +02:00
Martin Willi 3e962b0843 Process ServerHello(Done), Certificate(Request) messages 2010-08-03 15:39:24 +02:00
Martin Willi 698674c7f3 Send a ClientHello to start TLS negotiation 2010-08-03 15:39:24 +02:00
Martin Willi 536dbc00b9 Added TLS crypto helper, currently supports cipher suite selection 2010-08-03 15:39:24 +02:00
Martin Willi 9dc73cd21c Added support for AUTH_HMAC_SHA2_256_256, used in TLS 2010-08-03 15:39:24 +02:00
Martin Willi 4c0c2283a5 Added stubs for handshake handling, server and peer variants 2010-08-03 15:39:24 +02:00
Martin Willi 4c0124a0a2 Accept follow-up fragments with a TLS message length 2010-08-03 15:39:24 +02:00
Martin Willi 40e384ea01 Added dummy/identity implementations of the different TLS record layers 2010-08-03 15:39:24 +02:00
Martin Willi dcbbeb2d09 Pass TLS records to newly introduced TLS stack 2010-08-03 15:39:24 +02:00
Martin Willi f7f63c52e1 Added some TLS constants 2010-08-03 15:39:24 +02:00
Martin Willi b173819e5d (De-)fragment EAP-TLS packets, pass TLS records to upper layer 2010-08-03 15:39:24 +02:00
Martin Willi 2107953804 Added EAP-TLS plugin stub 2010-08-03 15:39:24 +02:00
Thomas Egerer 86a73f16ab Do not touch child from collision if peer deleted it 2010-08-03 10:32:38 +02:00
Waldemar Brodkorb 45e962edef substitute obsolete function calls (bzero/index) 2010-08-01 21:20:15 +02:00
Andreas Steffen 50fb724ddd delete tarball files 2010-07-30 22:27:41 +02:00
Andreas Steffen b599b80013 version bump to 4.4.2 2010-07-30 22:26:14 +02:00
Martin Willi 63163cc340 The va_list trick does not seem to be portable, revert dots-in-section fix. This reverts commit 8f50d06c35. 2010-07-30 10:57:59 +02:00
Thomas Egerer 5d2e159b41 Fix segfault on 'ipsec stroke up ]' command 2010-07-29 14:03:11 +02:00
Martin Willi 8f50d06c35 Fixed settings lookup if the section/key contains dots 2010-07-29 12:14:32 +02:00
Martin Willi c5c921bfa3 Added NEWS for snprintf() fixes 2010-07-28 11:06:49 +02:00
Martin Willi b8aeaea80c Fix use of snprintf() in pluto subjectAltName enumeration 2010-07-28 10:54:48 +02:00
Martin Willi c118559afe Fix use of snprintf() in IETF attributes to string conversion 2010-07-28 10:54:48 +02:00
Martin Willi 018543f3a8 Fix use of snprintf() in identification DN to ASCII conversion 2010-07-28 10:54:47 +02:00
Martin Willi c8bd06c7cf More NEWS for HA functionality 2010-07-28 10:49:58 +02:00
Martin Willi 98d0343870 Implemented a HA enabled in-memory address pool 2010-07-28 10:06:19 +02:00
Martin Willi 7455ab063f Added a function to segmentate a generic integer 2010-07-28 10:06:19 +02:00
Andreas Steffen ff7b0dd289 added NETMAP rules for the reverse direction 2010-07-27 21:16:44 +02:00
Andreas Steffen c100dd6b5f fixed description of ikev2/net2net-same-nets scenario 2010-07-27 20:50:28 +02:00