Commit Graph

117 Commits

Author SHA1 Message Date
Martin Willi 44e513a320 Added support for trustchain key strength checking to rightauth option 2011-01-07 15:51:35 +01:00
Martin Willi 6367de28ad Added a left/rightcertpolicy keyword to specify certificatePolicy requirements 2011-01-07 15:51:35 +01:00
Martin Willi 2e90006f96 Show base CRL of delta CRLs in listcrls 2011-01-05 16:46:06 +01:00
Martin Willi b3d359e58f Use a generic getter for all numerical X.509 constraints 2011-01-05 16:46:05 +01:00
Martin Willi 5dba5852fc Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for PolicyConstraints, too 2011-01-05 16:46:02 +01:00
Andreas Steffen 27a66f9393 implemented wrap around of registered IKEv1 algorithm names 2010-12-26 17:11:02 +01:00
Andreas Steffen 16b6606e5f wrap list of IKEv2 algorithms after 120 characters per line 2010-12-24 17:29:51 +01:00
Andreas Steffen cb6be85cfe Migrated stroke_list_t to INIT/METHOD macros 2010-12-24 14:29:09 +01:00
Martin Willi 6c302616f1 Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality 2010-12-20 09:45:39 +01:00
Martin Willi 37788b1d06 Added a TFC padding option to child_cfg 2010-12-20 09:45:39 +01:00
Andreas Steffen 5932f41fcc trace back crypto algorithms to the plugins that registered them 2010-12-18 16:31:12 +01:00
Martin Willi cf5866b9c0 Renamed purgex509/crl to purgecerts/crls to be consistent with list commands 2010-12-10 11:21:55 +01:00
Martin Willi 6aa144ddb7 Added options to flush CRLs/X509 certs from the cert cache 2010-12-10 09:45:22 +01:00
Andreas Steffen 4332cd7f95 added newline 2010-12-07 09:02:55 +01:00
Andreas Steffen faccd69068 re-introduced comment 2010-12-07 09:01:28 +01:00
Andreas Steffen a42aaed64f Migrated stroke_control_t to INIT/METHOD macros 2010-12-07 08:58:57 +01:00
Andreas Steffen d31aec9fa7 Migrated stroke_plugin_t to INIT/METHOD macros 2010-12-07 08:01:56 +01:00
Tobias Brunner 5b2d9f24f5 Refactored stroke_cred_t to use mem_cred_t. 2010-12-03 18:00:00 +01:00
Tobias Brunner 413d8fe0e3 Avoid calling globfree twice on failure. 2010-12-03 17:38:36 +01:00
Andreas Steffen c616d84c3f start and route connections defined in an SQL database via start_action field and ipsec up %startall command 2010-11-28 11:57:49 +01:00
Andreas Steffen a9ac8c51ea Migrated stroke_config_t to INIT/METHOD macros 2010-11-27 01:12:58 +01:00
Andreas Steffen a5ffb559d2 Migrated stroke_cat_t to INIT/METHOD macros 2010-11-27 00:49:15 +01:00
Martin Willi 851d60484e Added a stroke rekey command to trigger IKE/CHILD_SA rekeying manually 2010-11-03 15:12:05 +01:00
Andreas Steffen 9b9352c83b fixed 64 bit printf() issue 2010-10-24 20:30:19 +02:00
Andreas Steffen 80f86acccb show validity of OCSP responses 2010-09-10 22:26:03 +02:00
Tobias Brunner bb381e26c6 Refer to scheduler and processor via lib and not hydra. 2010-09-02 19:04:18 +02:00
Tobias Brunner f6659688ab Refer to kernel interface via hydra and not charon. 2010-09-02 19:01:25 +02:00
Tobias Brunner 61e8e73206 Refer to scheduler via hydra and not charon. 2010-09-02 19:01:24 +02:00
Tobias Brunner c5f7146b17 Refer to processor via hydra and not charon. 2010-09-02 19:01:22 +02:00
Martin Willi bbdc85b66e Respect key types in stroke key/certificate backend 2010-09-02 13:07:23 +02:00
Martin Willi 33b1a2567f Load a left/rightcert2 for EAP-TLS even if no left/rightauth2 is defined 2010-08-31 18:10:23 +02:00
Martin Willi 64d7b0733f Added support for the ipsec.conf aaa_identity keyword 2010-08-31 17:52:52 +02:00
Martin Willi 835ec23aff Use enum mappings to resolve debug group 2010-08-23 09:47:04 +02:00
Martin Willi 9d49f79f55 List registered AEAD algorithms in listalgs 2010-08-19 19:02:34 +02:00
Martin Willi 3d711a68fb Added a stroke command to export cached x509 certificates to the console 2010-08-10 18:46:30 +02:00
Martin Willi a944d2092b Use bits instead of bytes for a private/public key 2010-08-10 18:46:30 +02:00
Tobias Brunner 744b83c7c9 Fixed loading of secrets with IDs.
Since the ID string is manually terminated by a null character, write
permission is required for the mmapped ipsec.secrets.
2010-08-04 16:03:46 +02:00
Tobias Brunner dca2d89209 Fixed loading of private keys without password.
The chunk storing the password was not correctly initialized, resulting
in a segmentation fault when no password was specified in ipsec.secrets.
2010-08-04 14:22:48 +02:00
Martin Willi 0d08ebe7ac Pass type of requested key in the callback credential set 2010-08-04 09:26:21 +02:00
Martin Willi 15177f5785 Obsoleted BUILD_PASSPHRASE(_CALLBACK) for private key loading, use credential sets 2010-08-04 09:26:21 +02:00
Martin Willi 0556667dca Use credential sets to load smartcard keys 2010-08-04 09:26:21 +02:00
Martin Willi 62be923683 Implemented a callback based credential set, currently for shared keys only 2010-08-04 09:26:21 +02:00
Martin Willi 9587ece534 mmap() ipsec.secrets instead of malloc(), proper error checking 2010-08-04 09:26:21 +02:00
Martin Willi 947298b302 Split up the load_secrets() function 2010-08-04 09:26:21 +02:00
Martin Willi 57522106c4 %prompt support for smartcard PIN via "ipsec secrets" 2010-08-04 09:26:20 +02:00
Martin Willi 0b8b664056 Pass the PKCS11 keyid as chunk, not as string 2010-08-04 09:26:20 +02:00
Martin Willi 353d10d590 Reuse generic passphrase build part, not a dedicated PIN part 2010-08-04 09:26:20 +02:00
Martin Willi 3479c27931 Support module names in %smartcard specifier, streamlined smartcard building 2010-08-04 09:26:20 +02:00
Thomas Egerer 5d2e159b41 Fix segfault on 'ipsec stroke up ]' command 2010-07-29 14:03:11 +02:00
Martin Willi 0406eeaacb Support different encoding types in certificate.get_encoding() 2010-07-13 13:53:20 +02:00
Martin Willi da9724e6d0 Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding 2010-07-13 11:29:35 +02:00
Martin Willi 2ccc02a4fd Moved credential manager to libstrongswan 2010-07-13 10:26:07 +02:00
Andreas Steffen 26c4d0102a configuration of different marks for inbound and outbound direction 2010-07-09 09:06:07 +02:00
Martin Willi 4f99093235 Show mallinfo() data in statusall, if available 2010-07-06 16:28:25 +02:00
Martin Willi 4172574bfb Use the group constraint in a more generic fashion, not only for attribute certificates 2010-07-05 09:41:04 +02:00
Andreas Steffen ee26c537d7 support of xfrm marks for IKEv2 2010-07-02 23:46:09 +02:00
Martin Willi d5ad6eb1e0 Flush certificate cache on CA delete 2010-06-07 13:51:18 +02:00
Martin Willi a3ffa9edfd Log non-empty task queues in statusall 2010-06-07 11:59:37 +02:00
Martin Willi 8029e5efd2 Added generic implementations for crl_is_newer/certificate_is_newer 2010-05-21 16:25:51 +02:00
Reto Buerki 277fcf9f86 Add reqid field and getter function to child_cfg_t. 2010-05-04 14:38:34 +02:00
Tobias Brunner c9235353f8 Use a read-write lock in stroke_attribute to increase concurrency. 2010-04-06 12:47:39 +02:00
Tobias Brunner 8c9f5bad8b Migrated stroke_attribute_t to METHOD/INIT macros. 2010-04-06 12:47:38 +02:00
Tobias Brunner ac5fb545c5 Extracted in-memory IP address pool from stroke plugin to libhydra. 2010-04-06 12:47:38 +02:00
Martin Willi 89bf11d204 Respect line width in Makefile.am's, other cosmetics 2010-03-25 14:54:56 +01:00
Tobias Brunner 58f86d0f0f Changed all usages of lib->attributes to hydra->attributes. 2010-03-24 18:54:26 +01:00
Tobias Brunner bd3f8ea30b Convert charon into libcharon. 2010-03-19 13:34:52 +01:00
Tobias Brunner 08c5572602 Moving charon to libcharon. 2010-03-19 13:34:52 +01:00