Martin Willi
37f5a0da2c
use credential builder to build attribute certificates
2009-08-26 11:23:49 +02:00
Martin Willi
a5dc4a9585
moved builder hooks to a separate file
2009-08-26 11:23:49 +02:00
Martin Willi
11aa7e7869
use a pluto specific credential builder to build pluto cert_t's
2009-08-26 11:23:49 +02:00
Martin Willi
c486fa8158
removed obsolete pgp private key parsing, done by libstrongswan
2009-08-26 11:23:49 +02:00
Martin Willi
dc816eacdf
use libstrongswan for private key loading, whack callback to read passphrase
2009-08-26 11:23:49 +02:00
Martin Willi
4d15129160
pass along X509 flags when loading PEM encoded data
2009-08-26 11:23:49 +02:00
Martin Willi
280469923d
make use of the pem helper plugin to load credentials
2009-08-26 11:23:49 +02:00
Martin Willi
c9db16b7dd
added file loading support to pem plugin, using mmap()
2009-08-26 11:23:48 +02:00
Martin Willi
160f4c225d
moved PEM parsing functionality to its own plugin
2009-08-26 11:23:48 +02:00
Andreas Steffen
5672eae131
make boolean expression less enigmatic
2009-08-25 21:09:54 +02:00
Martin Willi
eb641993d4
set stroke connection flags to a clear TRUE/FALSE
2009-08-25 19:57:36 +02:00
Martin Willi
469083cc7d
disable lifetimes of allocated SPIs
...
The default lifetime of 30 seconds is too short, as a tunnel
setup may need several minutes if we have high packet loss. Instead
of increasing the value, we disable lifetimes completely, as we handle
the removal of such SAs from userland just fine.
2009-08-25 18:15:25 +02:00
Martin Willi
1bc0b4f795
remove incomplete SAs with PROTO_ESP
2009-08-25 18:12:55 +02:00
Martin Willi
625b48b558
added URL for git repository served over git:// protocol
2009-08-21 10:52:39 +02:00
Andreas Steffen
8bc2a8086c
version bump to 4.3.5
2009-08-18 18:35:37 +02:00
Andreas Steffen
fc0ed07c1f
pruned OID tree
2009-08-18 18:24:26 +02:00
Andreas Steffen
c8b543a6fc
fixed wrong emailAddress OID introduced by revision c31687da
2009-08-18 17:52:00 +02:00
Tobias Brunner
333b461aa6
Fixing address resolution via getaddrinfo in libfreeswan.
2009-08-18 12:30:11 +02:00
Andreas Steffen
8a17c1f907
check integrity of pool code file
2009-08-17 15:46:56 +02:00
Andreas Steffen
bde541acf8
integrity test of openac and scepclient code files
2009-08-17 14:25:18 +02:00
Andreas Steffen
430dd08a2b
NEWS for 4.3.4
2009-08-17 13:47:28 +02:00
Andreas Steffen
51dfa7f592
reinitialize print arguments
2009-08-17 10:54:34 +02:00
Andreas Steffen
2f5b1e0eb7
check success of library_init()
2009-08-14 22:13:51 +02:00
Tobias Brunner
f1777dff59
Replacing gethostbyname, gethostbyname2 and their _r variants with getaddrinfo to increase portability.
2009-08-14 16:14:32 +02:00
Tobias Brunner
26965b4ef3
OpenSolaris needs libsocket and libnsl for socket().
2009-08-14 14:50:53 +02:00
Tobias Brunner
932fdc38de
Enable CMSG headers and macros on OpenSolaris.
2009-08-14 14:50:52 +02:00
Tobias Brunner
8c3627c5ae
Added define to get sigwait with two parameters on OpenSolaris.
2009-08-14 14:50:51 +02:00
Tobias Brunner
e580e0a9a2
sockio.h is required on OpenSolaris for SIOCGIFADDR.
2009-08-14 14:50:50 +02:00
Tobias Brunner
647bd246e4
Replaced the strange definitions of IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT on OpenSolaris.
2009-08-14 14:50:49 +02:00
Tobias Brunner
cc396286e8
Defined some missing fixed-width int types on OpenSolaris.
2009-08-14 14:50:22 +02:00
Tobias Brunner
a3ccf95f3f
LOG_AUTHPRIV is not defined on OpenSolaris.
2009-08-14 13:37:07 +02:00
Tobias Brunner
3901937d14
OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the enums mutex/condvar/rwlock_type_t.
2009-08-14 13:30:59 +02:00
Tobias Brunner
8b6a5ce5ba
We need to include alloca.h on OpenSolaris.
2009-08-14 13:25:22 +02:00
Andreas Steffen
12a699c58d
fixed 4.3 refactoring error
2009-08-11 08:51:16 +02:00
Andreas Steffen
87079f58e1
added -module -avoid-version LDFLAGS
2009-08-11 01:06:45 +02:00
Andreas Steffen
8ddcac4c48
prepare CAMELLIA_CCM ESP encryption
2009-08-10 16:30:42 +02:00
Andreas Steffen
20af53fe33
add ikev1/esp-alg-aes-ctr scenario
2009-08-08 19:20:53 +02:00
Andreas Steffen
453c6aea16
added ikev2/esp-alg-aes-ctr scenario
2009-08-08 19:08:17 +02:00
Tobias Brunner
3974b2fb07
FreeBSD's libc does not support backtrace(), but libexecinfo optionally replicates this function (and the other defined in execinfo.h).
2009-08-07 18:46:25 +02:00
Martin Willi
dd4c14f37c
set protocol to ESP for policies installed as a trap
2009-08-07 16:05:32 +02:00
Martin Willi
d9796a4311
fixed printf fromat for length limited string
2009-08-07 10:31:21 +02:00
Andreas Steffen
4b5b92bfee
%llu correctly prints u_int64_t
2009-08-07 09:50:36 +02:00
Andreas Steffen
4a02deb088
printing u_int64_t caused segfault on 32-bit platforms
2009-08-07 08:47:29 +02:00
Andreas Steffen
99dd42918e
do not set usetime if query_policy() fails
2009-08-07 05:59:09 +02:00
Tobias Brunner
79ff614144
Use LONG_MAX instead of a hard-coded value.
2009-08-06 18:22:01 +02:00
Tobias Brunner
bfca7aa5ed
FreeBSD returns the current policy use time only after specifying a hard lifetime when installing the policy.
2009-08-06 18:14:44 +02:00
Andreas Steffen
f53088c657
added openssl-ikev2/alg-camellia scenario
2009-08-06 16:48:41 +02:00
Tobias Brunner
c3a78360a8
Fixed a race condition when querying stats of a child_sa in different order.
2009-08-06 16:47:32 +02:00
Andreas Steffen
5d8306de68
use SS_RC_FIRST and SS_RC_LAST
2009-08-06 16:42:44 +02:00
Andreas Steffen
3646c8a159
abort pluto or charon if initialization fails
2009-08-06 16:32:52 +02:00