51c8f8261f
some more changes to IKE_SA and CHILD_SA logging
2008-07-22 17:10:10 +00:00
fb34475b5c
consistent logging of IKE and CHILD SAs
2008-07-21 12:47:59 +00:00
a4a3e0c7dc
introduced an additional bus->signal parameter for signal specific data
...
added SIG_IKE/SIG_CHD macros for signal emitting
2008-07-18 15:51:40 +00:00
62bd123952
peer_cfg lookup takes peer addresses into account
2008-07-01 09:05:20 +00:00
ea0823dffd
ECDSA with OpenSSL
2008-06-10 09:08:27 +00:00
0644ebd3de
implemented IKE_SA uniqueness using ipsec.conf uniqueids paramater
...
additionally supports a "keep" value to keep the old IKE_SA
2008-04-14 13:23:24 +00:00
196b28a470
demoted more notify debug messages to level 2
2008-04-02 19:15:05 +00:00
dc04b7c743
mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed
2008-03-26 18:40:19 +00:00
ae8715f956
attempt to achieve consistent debugging output
2008-03-19 12:06:38 +00:00
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
0f806802ae
implemented Expanded EAP types to support vendor specific methods
2007-12-13 17:31:21 +00:00
3af513753a
improved P2P_ENDPOINT debugging
2007-12-03 23:06:17 +00:00
7805ad302d
moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload order)
2007-12-03 10:52:18 +00:00
ee61471113
implemented RFC4478 (repeated authentication)
...
changed %V printf handler to take a time delta, %#V now takes two arguments
2007-11-20 12:06:40 +00:00
56db479192
ID payload with explicit payload type
2007-10-02 11:55:10 +00:00
a2ab401c56
put IKE_SA and CHILD_SA names in single quotes
2007-09-15 16:06:58 +00:00
3f4076b7c8
log name of established IKE_SA
2007-09-15 15:54:30 +00:00
17d92e9732
further MOBIKE stuff:
...
kernel properly reports network reconfiguration and informs all IKE_SAs
MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange
reestablishment of IKE_SAs on network reconfiguration kinda works
not stable yet!
2007-06-21 15:25:28 +00:00
6e04f25313
support of CA-based ipsec policies
2007-05-18 12:25:37 +00:00
df9fbd2c64
adapted authentication failure text to those in the authenticators
2007-05-15 14:52:44 +00:00
a84fb01b96
restructuring of configuration backends
...
added propotypes of new control interfaces (xml & dbus)
introduced loadable:
configuration backends
control interfaces
using pluggable modules as in EAP
2007-04-27 14:25:08 +00:00
f47e450be9
properly checking received IDr as initiator
2007-04-25 06:06:13 +00:00
a07aad39dc
edited comment and debug output
2007-04-10 22:38:06 +00:00
e0fe765152
restructured file layout
...
new configuration structure:
peer_cfg: configuration related to a peer (authenitcation, ...=
ike_cfg: config to use for IKE setup (proposals)
child_Cfg: config for CHILD_SA (proposals, traffic selectors)
a peer_cfg has one ike_cfg and multiple child_cfg's
stroke now uses fixed count of threads
2007-04-10 06:01:03 +00:00
c00840478e
fixed state and logging of IKE_SA when using EAP authentication
2007-03-27 16:11:29 +00:00
f5fbad4a62
fixed memleaks when using EAP authentication
...
fixed configuration payloads when using EAP
2007-03-08 22:56:14 +00:00
e5a7f1cd08
implemented cookies as initiator
...
proper logging of notifies in IKE_SA setup
2007-03-08 20:18:39 +00:00
8b8dd69dee
some cleanups
...
not installing %any DNS servers
2007-03-08 16:58:59 +00:00
f007a70055
allocation fixes, not complete
2007-03-08 14:41:30 +00:00
49e8ac052d
ported changes from EAP branch, renabling EAP framework
2007-03-08 00:27:43 +00:00
c676f2e2a6
fixed notify handling in IKE_AUTH
...
moved nonce payload before TS in CHILD_SA setup
2007-03-06 20:58:39 +00:00
02b3101b67
fixed double free bug
2007-03-05 22:02:14 +00:00
5bf1be3c9f
fixed ID selection bug when peer doesn't include IDr payload
...
allowing vendor ID in any messag
2007-03-05 15:22:50 +00:00
c60c7694d2
merged tasking branch into trunk
2007-02-28 14:04:36 +00:00
Andreas Steffen