Martin Willi
|
8434c88b5e
|
Extended SIM manager by hooks, currently featuring attribute and key hooks
|
2009-11-30 09:27:26 +01:00 |
Martin Willi
|
fb1ae8da52
|
Added a get_sa() method to the bus, allowing a thread to lookup its IKE_SA
|
2009-11-30 09:27:14 +01:00 |
Martin Willi
|
c56d958243
|
Handle NOT_SUPPORTED or other errors properly in get_quintuplet
|
2009-11-30 09:26:35 +01:00 |
Andreas Steffen
|
7868162b35
|
added RFC-conforming ikev2/sha2 scenarios
|
2009-11-26 23:48:29 +01:00 |
Andreas Steffen
|
68db91ca32
|
adapted ikev2/alg-aes-xcbc scenario
|
2009-11-26 23:46:27 +01:00 |
Martin Willi
|
2b2c69e992
|
Use transport mode ESP SA if IPcomp is used, IPcomp already applies outer IP header
|
2009-11-26 16:03:06 +01:00 |
Martin Willi
|
52fd0ef9e0
|
Added NEWS about SHA2 changes
|
2009-11-26 10:39:26 +01:00 |
Martin Willi
|
6780edc07e
|
Use full algorithm name for SHA384/512 HMACs
|
2009-11-26 10:39:26 +01:00 |
Martin Willi
|
6546482a68
|
Support the Linux specific SHA256 96 bit truncation HMAC via "sha256_96" keyword
|
2009-11-26 10:39:25 +01:00 |
Martin Willi
|
eebfa73fd5
|
Install SHA256_128 auth algorithm with specified 128 bit truncation
|
2009-11-26 10:39:25 +01:00 |
Martin Willi
|
2379fdba1e
|
Updated XFRM linux header, includes specified truncations for auth algos
|
2009-11-26 10:39:25 +01:00 |
Martin Willi
|
5be75c2cb1
|
Added support for IPv6 source route installation
|
2009-11-26 10:31:00 +01:00 |
Martin Willi
|
387a6e6c32
|
Check existing path in mobike probing only if we still have a route
|
2009-11-26 10:30:59 +01:00 |
Andreas Steffen
|
4b55cf5d09
|
put identities in single quotes
|
2009-11-25 09:02:09 +01:00 |
Andreas Steffen
|
653da7c907
|
added more debugging in configuration attribute handling
|
2009-11-24 23:17:07 +01:00 |
Andreas Steffen
|
eba568563c
|
changed error messages in the case of faulty esp and ike strings
|
2009-11-24 16:45:52 +01:00 |
Andreas Steffen
|
2eeab939a0
|
do not send all available kernel algorithms if esp string is faulty
|
2009-11-24 16:38:10 +01:00 |
Elmar Vonlanthen
|
792876ff87
|
check if alg_info_esp exists
|
2009-11-24 16:15:12 +01:00 |
Andreas Steffen
|
cda8ec7afc
|
added some parentheses
|
2009-11-24 14:36:17 +01:00 |
Andreas Steffen
|
93e2377c7f
|
allow ECP DH groups in pfsgroup definition
|
2009-11-24 14:35:25 +01:00 |
Andreas Steffen
|
17d52fbba1
|
renewed OCSP Signing certificate
|
2009-11-24 13:55:38 +01:00 |
Andreas Steffen
|
c4570d188e
|
issue error message for expired certificates in OCSP trust chain checking
|
2009-11-24 12:37:38 +01:00 |
Andreas Steffen
|
227583ba59
|
updated IKEv2 notification messages assigned by IANA
|
2009-11-24 09:21:00 +01:00 |
Andreas Steffen
|
44e41c4c6e
|
updated NEWS for 4.3.6dr2
|
2009-11-24 09:18:41 +01:00 |
Martin Willi
|
06f02f993c
|
Do not recreate existing create_child subtask when retrying with different DH group
|
2009-11-23 13:50:01 +01:00 |
Martin Willi
|
0d1d19b99d
|
Avoid potentially unaligned half-word read
|
2009-11-23 13:49:19 +01:00 |
Eric Mertens
|
ad78bb13c8
|
Correctly set host number to zero when computing traffic selector range
|
2009-11-23 10:34:30 +01:00 |
Martin Willi
|
dd326c114f
|
Use abort() instead of raising SIGKILL, gives us proper core dumps if enabled
|
2009-11-20 14:36:24 +01:00 |
Martin Willi
|
832f283150
|
Use status_t return value for get_quintuplet() dummy implementations
|
2009-11-20 11:02:06 +01:00 |
Martin Willi
|
10bc5d96cb
|
Move comment out of register_printf_function test
|
2009-11-19 14:37:34 +01:00 |
Martin Willi
|
80b44cd71a
|
Message stringification supports more detailed EAP payload information
|
2009-11-18 10:37:46 +01:00 |
Martin Willi
|
1860bfa2ea
|
Correctly enumerate attributes to request as initiator with the actually requesting handler
|
2009-11-17 17:51:30 +01:00 |
Martin Willi
|
1427c93fcd
|
Fixed memleak in attribute handling
|
2009-11-17 15:55:45 +00:00 |
Martin Willi
|
d674c2ace0
|
attr plugin supports any custom attribute type having a v4/v6 IP under the charon.plugins.attr namespace
|
2009-11-17 15:53:57 +00:00 |
Martin Willi
|
3797b8e767
|
Support enumeration of key/value pairs in a section of strongswan.conf
|
2009-11-17 15:52:36 +00:00 |
Martin Willi
|
86813bef12
|
Whitelist register_printf_specifier in leak detective
|
2009-11-17 15:51:57 +00:00 |
Martin Willi
|
b5a2055fb1
|
Give plugins more control of which configuration attributes to request, and pass received attributes back to the requesting handler
|
2009-11-17 14:51:50 +01:00 |
Martin Willi
|
e6cf060275
|
Encrypt payloads with missing rule, fix insertion of non-encrypted payloads
|
2009-11-12 14:52:12 +00:00 |
Martin Willi
|
074444972a
|
Build libsimaka with libtool, as we require a PIC-enabled version
|
2009-11-12 13:37:07 +00:00 |
Martin Willi
|
098466039f
|
Fix word alignement in memxor() on 64-bit architectures
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
addfeeff9c
|
Do not complain about missing payload order rules for private use payloads
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
5bfe1b2529
|
Properly initialize attribute encoding/length values
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
733538a421
|
Identation/whitespace cleanups
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
82713deafd
|
Simplified vendor ID payload interface
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
20d144e72f
|
Invoke message hook before generation, allowing plugins to mangle it
|
2009-11-12 13:37:06 +00:00 |
Martin Willi
|
ee3d4ef801
|
Prefer MODP2048/1536 over ECP Diffie-Hellman groups
|
2009-11-12 13:10:30 +00:00 |
Martin Willi
|
f6bbcec390
|
Use register_printf_specifier instead of deprecated register_printf_function, if available
|
2009-11-12 13:16:46 +01:00 |
Martin Willi
|
0850e33518
|
Fixed compiler warning about missing return value
|
2009-11-12 11:17:02 +01:00 |
Martin Willi
|
1a86be6e48
|
Support variable RES length in AKA quintuplets
|
2009-11-12 10:34:02 +01:00 |
Martin Willi
|
15b65bf15d
|
Ported pseudonym/reauth functionality to EAP-AKA
|
2009-11-12 10:34:01 +01:00 |