907d3d0f1d
Add a mutex/condvar based semaphore implementation if sem_timedwait is unavailable
...
Fixes #214 .
2012-08-20 17:20:26 +02:00
5ff8309889
version bump to 5.0.1dr3
2012-08-20 12:25:53 +02:00
81d7e9bbaf
version bump to 5.0.1dr2
2012-08-14 10:05:57 +02:00
09ae3d79ca
Merge branch 'android-app'
...
This branch introduces a userland IPsec implementation (libipsec) and an
Android App which targets the VpnService API that is provided by Android 4+.
The implementation is based on the bachelor thesis 'Userland IPsec for
Android 4' by Giuliano Grassi and Ralf Sager.
2012-08-13 12:07:52 +02:00
e4ef4c9877
Merge branch 'android-ndk'
...
This branch comes with some preliminary changes for the user-land IPsec
implementation and the Android App.
One important change is that the UDP ports used by the socket-default plugin
were made configurable (either via ./configure or strongswan.conf).
Also, the plugin does randomly allocate a port if it is configured to 0,
which is useful for client implementations. A consequence of these
changes is that the local UDP port used when creating ike_cfg_t objects has
to be fetched from the socket.
2012-08-13 10:45:39 +02:00
9ede42e112
Documentation fixes regarding xauth-pam/eap-gtc plugins
2012-08-11 16:05:05 +02:00
b9e4916321
Add xauth-pam, an XAuth backend verifying credentials with PAM
2012-08-10 10:43:44 +02:00
b6a071514a
Fixed ip_packet_t if IPv6 is not available
2012-08-08 15:41:03 +02:00
224ab4c59b
socket-default plugin allocates random ports if configured to 0.
...
Also added strongswan.conf options to change the ports.
2012-08-08 15:30:27 +02:00
b70139fbfd
Stub library for user space IPsec implementation added.
2012-08-08 15:09:31 +02:00
162621ed57
Moved Android specific logger to separate plugin.
...
This is mainly because the other parts of the existing android plugin
can not be built in the NDK (access to keystore and system properties are
not part of the stable NDK libraries).
2012-08-08 15:07:43 +02:00
e7ea057fd2
Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
2012-08-08 15:07:43 +02:00
4c6c934635
With --enable-bfd-backtraces, use binutils libbfd to resolve backtraces
...
The invocation of addr2line to resolve backtrace source locations
is slow and cumbersome. When using libbfd directly, we can eliminate
the overhead of the process invocation. Even better, we can cache
library symbol names, bringing wicked fast lookups. As a neat bonus,
we can resolve static function names.
2012-07-13 13:23:29 +02:00
bbe5b50567
Set a sane default if --with-dev-headers is given without path
2012-07-12 08:39:54 +02:00
ccceb82662
version bump to 5.0.1dr1
2012-07-11 17:46:45 +02:00
b188f23199
Install dev headers only if --with-dev-headers= option is set
2012-07-11 11:16:31 +02:00
4c311ffb1f
Check if config.h passed correctly via gcc -include
2012-07-11 09:57:07 +02:00
7300eb29d1
Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
2012-07-11 09:57:07 +02:00
a4037686c7
Added a description to all AC_DEFINE macros, as required by autoheader
2012-07-11 09:57:07 +02:00
ee7b7de18f
getpwnam_r and getgrnam_r are not supported by the Android NDK
2012-07-09 17:52:01 +02:00
4f07a19d10
Fixed help text for --disable-xauth-generic plugin
2012-07-05 09:46:59 +02:00
2a59527659
Thread-safe wrapper around strerror(3)/strerror_r(3) added
2012-06-28 13:14:52 +02:00
bc6d944705
Added an option to rename the ipsec script during installation
...
Also rename the man page and adjust all references in the script, the
man page and other files.
Closes #194 .
2012-06-25 16:53:38 +02:00
720ba902c5
Enable xauth-generic by default but don't build it if IKEv1 is disabled
2012-06-25 11:07:49 +02:00
83c75fd10f
version bump to 5.0.0
2012-06-23 11:32:54 +02:00
6d599fb964
Removed remaining pluto related configure options.
2012-06-13 11:33:32 +02:00
fff4b74db2
Bye bye Pluto!
...
Charon will take over IKEv1 duties from here. This also removes
libfreeswan and whack.
2012-06-11 17:33:32 +02:00
1527307ec9
version bump to 5.0.0rc1
2012-06-09 14:05:08 +02:00
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
04024b5de8
Add nonce plugin implementation
...
This nonce generator uses an RNG to generate nonces. The RNG quality is
currently set to RNG_WEAK which is the same value used in IKE init.
The plugin is enabled and thus built by default.
2012-05-18 08:15:40 +02:00
0aa90701f6
It seems charon-nm has to be linked against libnm-util.
...
That's at least the case for NetworkManager 0.9.4 in Ubuntu 12.04.
2012-05-03 15:17:57 +02:00
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
1c7a733e36
Added a small libcharon wrapper intended to directly host the nm plugin.
...
For this reason it reclaims the --enable-nm configure option.
2012-05-03 13:38:14 +02:00
94b48e071a
Provide plugin list from charon, not internally in libcharon.
2012-05-03 13:14:07 +02:00
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
501c163859
version bump to 4.6.3
2012-04-30 09:48:21 +02:00
6c97b16333
version bump to 4.6.3rc2
2012-04-22 17:41:20 +02:00
e90e106117
version bump to 4.6.3rc1
2012-04-05 09:11:47 +02:00
c0d39c205c
Implemented AES-CMAC based PRF and signer.
...
The cmac plugin implements AES-CMAC as defined in RFC 4493 and the
signer and PRF based on it as defined in RFC 4494 and RFC 4615,
respectively.
2012-04-03 10:40:47 +02:00
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
85fc1eb640
Added an XAuth plugin that forwards authentication to EAP methods
2012-03-20 17:31:28 +01:00
e51a28fda8
Added a --disable-ikev2 option to disable IKEv2 support in charon
2012-03-20 17:31:26 +01:00
3d44d735c6
Added generic XAuth backend, using secrets provided by credential sets.
2012-03-20 17:31:17 +01:00
41e1e435d9
Removed xauth-null dummy plugin.
2012-03-20 17:31:17 +01:00
8c583c110e
version bump to 5.0.0dr1
2012-03-20 17:31:11 +01:00
4394d96844
IKEv1 XAuth: Added a "NULL" XAuth plugin which sends a hardcoded user/pass, and blindly accepts whatever user/pass is sent it. Changed the xauth_request task to use this new plugin. Add --enable-xauth-null to your configure line to build with the new plugin.
2012-03-20 17:31:11 +01:00
ccdd3a4cee
Added configure option for the IKEv1 implementation in charon.
2012-03-20 17:30:39 +01:00
584178c3bb
version bump to 4.6.3dr2
2012-03-16 22:21:54 +01:00
c224f7654d
version bump to 4.6.3dr1
2012-03-14 07:45:35 +01:00
21b0f216b9
created libradius shared by eap-radius and tnc-pdp plugins
2012-03-13 16:27:17 +01:00
Martin Willi