7240914955
Use eap_vendor_type_from_string() in stroke
2012-08-31 11:40:28 +02:00
db409006e4
Function added that parses EAP method strings ([eap-]type[-vendor])
2012-08-31 11:40:28 +02:00
576490ab09
Added method to enumerate EAP types contained in an EAP-Nak
2012-08-31 11:40:28 +02:00
cc4eec56f7
Encode EAP-Naks in expanded format if we got an expanded type request
...
Since methods defined by the IETF (vendor ID 0) could also be encoded in
expanded type format the previous check was insufficient.
2012-08-31 11:40:27 +02:00
78e8dca94f
Allow clients to request a configured EAP method via EAP-Nak
2012-08-31 11:40:27 +02:00
34742f1bf8
Virtual EAP methods handle EAP-Naks themselves
2012-08-31 11:40:27 +02:00
af04233e14
Send EAP-Nak with supported types if requested type is unsupported
2012-08-31 11:40:27 +02:00
7cad171da8
Filter invalid EAP authentication types when enumerating them
...
Valid authentication types defined by the IETF are 4-253 and 255.
2012-08-31 11:37:45 +02:00
eae5616ae6
Move our pseudo EAP types out of the range of valid EAP methods
2012-08-31 11:31:48 +02:00
078755d099
Added a method to enumerate registered EAP methods
2012-08-21 16:48:47 +02:00
f26796deb5
Remove unused src/dst variables in send_no_marker()
2012-08-21 09:34:32 +02:00
ba922f99cb
use pen_type_t for attribute request entries
2012-08-21 00:22:02 +02:00
dbb7859f9f
define pen_type_t as a vendor-specific type
2012-08-20 22:37:08 +02:00
88a5abf5e2
Don't use POSIX semaphores if a MONOTONIC clock is available
...
POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction
expects CLOCK_MONOTONIC based times. Use the mutex/condvar based
fallback if time_monotonic() actuall returns monotonic times.
2012-08-20 18:01:20 +02:00
10bdc7a968
Remove the unused second IKE_SA entry match function argument
...
LLVMs clang complains about this parameter, so remove it.
2012-08-20 17:42:14 +02:00
907d3d0f1d
Add a mutex/condvar based semaphore implementation if sem_timedwait is unavailable
...
Fixes #214 .
2012-08-20 17:20:26 +02:00
f39b3915cd
added IBM and OpenPTS Private Enterprise Numbers
2012-08-20 15:02:25 +02:00
acf27437cd
Add keymat_t constructor registration function
...
Using the register_constructor function enables custom keymat_t
implementations per IKE version. If no constructor is registered the
default behavior is preserved.
2012-08-20 13:02:47 +02:00
0810286269
fixed caption
2012-08-20 12:56:13 +02:00
c60310e62c
implemented IETF Attribute Request attribute
2012-08-20 12:27:14 +02:00
5ff8309889
version bump to 5.0.1dr3
2012-08-20 12:25:53 +02:00
3570c43968
openssl: Fix registration of the PUBKEY builder
...
libtls drops support for RSA suites if it does not find an RSA backend
(final builder for RSA public keys).
2012-08-18 17:49:57 +02:00
ef73bb52b1
Without the ties to PAM we can build eap-gtc on Android
2012-08-17 14:24:48 +02:00
ba27bf2af0
CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc plugin
2012-08-17 14:24:48 +02:00
113d2a6b99
Removed manual EAP method registration in eap-gtc plugin
2012-08-17 14:24:37 +02:00
91c0e0e3d9
Enable build of eap-tls, eap-ttls and eap-peap on Android
2012-08-17 13:55:44 +02:00
7ab348370c
Add a wrapper around vstr_add_fmt() to avoid having to link libcharon against libvstr
...
At least on Android the latter would be required.
2012-08-17 11:47:52 +02:00
21d8392041
starter: Restore original config in case also= is used (which reads the same values)
2012-08-16 16:45:11 +02:00
31a0e24b0f
Increased log level when listing interfaces and IP addresses during startup
...
This avoids confusing log messages in starter and ipsec statusall
already lists the available addresses anyway.
2012-08-16 16:14:15 +02:00
71b89d6722
Only load kernel plugins in starter when flushing SAD/SPD entries
...
This avoids keeping the kernel sockets open when they are not actually
needed, which could lead to resource problems (in particular with PF_KEY
where all open sockets receive all messages).
Fixes #217 .
2012-08-16 16:14:15 +02:00
aaefeafb49
Enable UDP decapsulation for both address families
...
Since the 3.5 Linux kernel both UDP implementations have a separate static
flag to indicate whether ANY sockets enabled UDP decapsulation.
As we only ever enabled it for one address family (in earlier versions IPv4
only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation
wouldn't work anymore (at least for one address family).
2012-08-16 15:26:37 +02:00
11b514bff6
Correctly transmit EAP-MSCHAPv2 user name if it contains a domain part
2012-08-16 10:03:49 +02:00
b8a4135dcb
fall through to evidence measurements if no file measurements must be done
2012-08-16 09:15:36 +02:00
81fbbc5381
upgraded to Ubuntu 12.04.1 LTS
2012-08-16 09:14:46 +02:00
52c0f181d4
added deletion of product/file entries to usage
2012-08-16 09:14:13 +02:00
f0b8d8c2c4
New Android release after adding error dialog
...
Skipped one version due to a rebasing mishap.
2012-08-15 11:23:06 +02:00
8df118f733
Show an error message if VPN is not supported
...
Some devices have Android 4 installed but the system images still seem to
lack the components that are required for VPN support. One such
component is the dialog used to grant permission to create .
2012-08-15 11:19:43 +02:00
c8d0c3b03d
Enable search for certificate lists (via SearchView in ActionBar)
2012-08-14 12:01:41 +02:00
4db2d6336e
Added new UI to select a specific CA certificate
...
With this change there is no need to wait for all certificates being loaded
anymore (this happens only when the user opens the selection activity).
2012-08-14 12:01:41 +02:00
cb431e12da
Don't try to save profile ID if there is none
2012-08-14 12:01:41 +02:00
7546735fec
List fragment for trusted certificates can notify listeners about clicks
2012-08-14 12:01:41 +02:00
b0b0eac6eb
Added an activity that shows lists of CA certificates in two tabs
2012-08-14 12:01:41 +02:00
caf85c872f
Added a ListFragment that lists trusted certificates (loaded via a custom Loader)
2012-08-14 12:01:41 +02:00
db8bea8311
Changed TrustedCertificateAdapter for use with ListViews and TrustedCertificateEntry
2012-08-14 12:01:41 +02:00
af46e950b1
Remove certificate spinner from edit view
2012-08-14 12:01:41 +02:00
f075536ebe
Function to get only system-wide CA certificates added to TrustedCertificateManager
2012-08-14 12:01:40 +02:00
2dc8998419
Added class to store trusted certificate entries for lists
2012-08-14 12:01:40 +02:00
17f806d8d0
fixed Makefile for libstrongswan dev headers
2012-08-14 10:21:28 +02:00
81d7e9bbaf
version bump to 5.0.1dr2
2012-08-14 10:05:57 +02:00
8b865d3b7a
skip boot aggregate check against database
2012-08-14 10:05:57 +02:00
Tobias Brunner