Martin Willi
8d77eddec2
further work for rekeying:
...
get liftimes from policy
added new state
initiation of rekeying done
proposal redone:
removed support for AH+ESP proposals
2006-06-07 13:26:23 +00:00
Martin Willi
6a030ba9ea
fixed a memleak
2006-06-07 05:54:09 +00:00
Andreas Steffen
fc0afb6810
created IPv6 environment
2006-06-06 05:41:21 +00:00
Martin Willi
32b6500fbf
job management:
...
moved job code from thread_pool to job, jobs have an "execute" method now
added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
listens now for ACQUIRE & EXPIRE
supports hard and soft lifetimes
fires jobs for delete and rekey child sa
ike sa manager:
can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
2006-05-31 14:23:15 +00:00
Martin Willi
6f2aba1322
- fixed some memleaks/freebugs
...
- leak detective works almost usable now (?!)
2006-05-31 14:13:26 +00:00
Martin Willi
bd72398729
- fixed host-host tunnel traffic selection, host-host works now
2006-05-31 06:52:27 +00:00
Andreas Steffen
6848dac603
minimized prefixed on stroke logger output
2006-05-31 05:50:04 +00:00
Andreas Steffen
90ed2e8278
charon outputs strongSwan version
2006-05-31 05:48:32 +00:00
Martin Willi
2d6c3bce06
2006-05-30 14:56:12 +00:00
Martin Willi
b93782903f
- fixed event queue for events >36min
2006-05-30 13:22:46 +00:00
Martin Willi
8403b34bd9
2006-05-30 13:01:50 +00:00
Martin Willi
0773bdcf3f
- included charons module tests to build & dist
2006-05-30 13:00:18 +00:00
Andreas Steffen
6d5e617f7d
full support of ikev1 and ikev2 connection flags
2006-05-30 11:10:42 +00:00
Andreas Steffen
9db4f61476
cosmetics in log_status output
2006-05-30 11:07:14 +00:00
Andreas Steffen
c11c43d2c3
use of streq
2006-05-30 11:03:55 +00:00
Andreas Steffen
510d54eb59
lookup of private key based on keyid of public key
2006-05-30 07:53:13 +00:00
Andreas Steffen
fa896e9a21
new functions to add certificates and retrieve private and public keys
2006-05-30 07:52:25 +00:00
Andreas Steffen
d793980f56
changed log level
2006-05-30 07:50:15 +00:00
Andreas Steffen
e1c00b96a6
list ca certificates
2006-05-30 07:48:29 +00:00
Andreas Steffen
abf2be2281
define default CA_CERTIFICATE_DIR
2006-05-30 07:38:41 +00:00
Andreas Steffen
92d30836fd
load all ca certificates
2006-05-30 07:37:48 +00:00
Martin Willi
db66c624bf
- fixed daemon destruction order to prevent
...
crashes on termination
2006-05-30 06:14:23 +00:00
Martin Willi
139ce7871f
- fixed memleak when deleting a connection
2006-05-29 11:29:23 +00:00
Martin Willi
60b9abf5c1
- updated todo list
2006-05-29 11:19:31 +00:00
Martin Willi
9fe14f4b8a
- policies contain a connections name now
...
- used for initiate and delete
- connections won't get initiated twice anymore
- deleting of connections is now possible, which allows us to use
ipsec update and ipsec reload
2006-05-29 11:09:45 +00:00
Andreas Steffen
ecadab2ba7
stroke now uses constant size string buffer
2006-05-29 07:14:57 +00:00
Andreas Steffen
f8be15f53b
changed to standard connection log output
2006-05-29 07:11:50 +00:00
Martin Willi
65996a534d
- some logging improvements and cosmetics
2006-05-24 11:59:58 +00:00
Martin Willi
3a13a78084
- handle IKE_SA setup without a piggy-packed CHILD_SA
...
more IKEv2 conform
2006-05-24 09:05:21 +00:00
Martin Willi
b82908b8b5
- initiate IKE_SA deletion befor manager destruction
2006-05-24 09:02:39 +00:00
Martin Willi
49e6a32353
2006-05-24 06:47:33 +00:00
Martin Willi
8b5be79d83
- show connection templates in status & statusall
...
- don't complain on termination of IKEv1 connections
2006-05-23 13:25:57 +00:00
Martin Willi
7ba69503aa
- changed config load strategy:
...
starter loads both connections in charon & pluto,
charon ignores anything with keyexchange!=ikev2.
pluto needs the same behavior.
2006-05-23 10:07:02 +00:00
Andreas Steffen
96b82ed821
load_end_certificate() now loads certificates
2006-05-23 08:16:15 +00:00
Martin Willi
4a5bba25e2
- reimplemented proper IKE SA deletion using a seperate state,
...
should conform now to IKEv2
2006-05-23 08:01:49 +00:00
Martin Willi
a4c75933cc
- added ingorelist for builded files
2006-05-19 12:20:26 +00:00
Martin Willi
7881ac141e
- applied patch from the NAT-T team fixing several typos
2006-05-19 06:46:22 +00:00
Martin Willi
86a7937b45
- applied patch from andreas, which allows certificate listing via stroke
2006-05-19 06:44:08 +00:00
Martin Willi
b5e1560659
- applied andreas's patch
...
- logger output improvements
- testin gupdates
- and a lot more
2006-05-18 06:02:28 +00:00
Martin Willi
f2c2d395ff
- introduced autotools
...
- first working version
- make dist should work
- things to do:
- UML testing!
- more cleanups
2006-05-16 14:24:03 +00:00
Martin Willi
9cf5f29027
2006-05-10 13:16:27 +00:00
Martin Willi
b8577029d1
2006-05-10 08:02:49 +00:00
Martin Willi
95806de938
2006-05-10 07:58:29 +00:00
Martin Willi
607d174dcb
2006-05-10 07:33:51 +00:00
Martin Willi
37a2b616e2
- fixed stroke error output to starter
2006-05-10 07:11:52 +00:00
Martin Willi
2192375bc8
- using random SPIs now, but without collision checks
2006-05-10 07:00:38 +00:00
Martin Willi
f768bdc3f3
- applied some -W's from strongswan
...
- fixed that warnings
2006-05-09 07:34:25 +00:00
Martin Willi
65cf07ac1d
- applied patch from andreas
...
- added charonstart option to config
- new ikev2 tests for UML
2006-05-06 07:09:45 +00:00
Martin Willi
9820c0e208
- applied patch from andreas
...
- pem loading
- secrets file parsing
- ikev2 testcase
- some other additions here and there
2006-05-04 07:55:42 +00:00
Martin Willi
8744148f55
- connection termination is handled cleanly by name now
2006-05-04 07:06:31 +00:00