Martin Willi
323f9f990f
replaces four spaces by tabs, where appropriate
2009-09-04 14:50:23 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Tobias Brunner
484a06bce7
Fixed some typos; whitespace cleanup.
2009-09-02 17:30:46 +02:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Martin Willi
a44bb9345f
merged multi-auth branch back into trunk
2009-04-14 10:34:24 +00:00
Martin Willi
1490ff4d9b
updated Doxyfile
...
properly close all doxygen groups
fixed remaining doxygen warnings
2009-03-24 17:43:01 +00:00
Martin Willi
822901061b
ported parts of two-sim branch
...
eap_identity parameter to exchange in eap_identity
some auth_info/peer_cfg refactorings
fixed some bugs, introduced new ones
2008-08-22 10:44:51 +00:00
Andreas Steffen
7d4bb52073
make config_auth_method_t backward compatible to existing sql templates
2008-06-10 20:31:53 +00:00
Tobias Brunner
ea0823dffd
ECDSA with OpenSSL
2008-06-10 09:08:27 +00:00
Martin Willi
ff6836716c
returning reference pointer on get_ref()
2008-05-06 10:55:42 +00:00
Martin Willi
0644ebd3de
implemented IKE_SA uniqueness using ipsec.conf uniqueids paramater
...
additionally supports a "keep" value to keep the old IKE_SA
2008-04-14 13:23:24 +00:00
Martin Willi
96926b006d
using dpd actions to enforce connection state
...
dpd actions a per child-, not peer ike-sa
2008-04-11 08:14:48 +00:00
Martin Willi
cdcfe777f4
implementation of an CFG attribute framework, currently supporting virtual IPs
...
updated ipsec.conf sourceip parameter to support
CIDR notatation to serve from a pool
%poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Tobias Brunner
471f923071
fixed two other memory leaks
2008-04-03 15:13:25 +00:00
Tobias Brunner
dc04b7c743
mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed
2008-03-26 18:40:19 +00:00
Martin Willi
3c7e72f5b0
added equals() method to peer_cfg, ike_cfg, proposals, auth_info
...
allows easier merging of ipsec.conf connections
replaced some iterators through enumerators
made proposals algorithm_t private using enumerator
2008-03-26 10:06:45 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
Martin Willi
0f806802ae
implemented Expanded EAP types to support vendor specific methods
2007-12-13 17:31:21 +00:00
Martin Willi
ee61471113
implemented RFC4478 (repeated authentication)
...
changed %V printf handler to take a time delta, %#V now takes two arguments
2007-11-20 12:06:40 +00:00
Tobias Brunner
d5cc175833
experimental P2P-NAT-T for IKEv2 merged back from branch
2007-10-03 15:10:41 +00:00
Martin Willi
f53b74c96f
moved force_encap to ike_config, enables responder to enforce udp encapsulation
...
fixed bugs in force_encap code
2007-10-01 16:41:34 +00:00
Martin Willi
9dae1bed00
implemented IKEv2 force_encap connection parameter
...
enforces UDP encapsulation by faking NAT detection payloads
to hurdle restrictive firewalls
2007-10-01 12:19:39 +00:00
Andreas Steffen
15a9d460c0
peer_cfg now knows about group memberships
2007-09-13 15:33:17 +00:00
Martin Willi
9164e49ac0
added mobike=yes|no connection option
...
yes: include mobike support notifies as initiator
no: only enable mobike as responder when initiator supports it
default: yes
2007-08-29 12:11:25 +00:00
Martin Willi
16878f6823
support for virtual IP definition on client side:
...
if leftsourceip is defined, it is requested.
server may define rightsourceip=%config to accept any,
or it may overwrite it using rightsourceip.
if server does not return an IP, client enforces its configured leftsourceip.
2007-05-22 13:49:31 +00:00
Martin Willi
3b138b8422
cleaned up apidoc
...
added some comments
removed configuration.[ch], as it does not make sense like it is
2007-04-11 07:20:39 +00:00
Martin Willi
e0fe765152
restructured file layout
...
new configuration structure:
peer_cfg: configuration related to a peer (authenitcation, ...=
ike_cfg: config to use for IKE setup (proposals)
child_Cfg: config for CHILD_SA (proposals, traffic selectors)
a peer_cfg has one ike_cfg and multiple child_cfg's
stroke now uses fixed count of threads
2007-04-10 06:01:03 +00:00