Andreas Steffen
|
994b80b513
|
activated CAMELLIA_CBC cipher in openssl plugin
|
2009-08-05 22:46:53 +02:00 |
Andreas Steffen
|
b6f739c13b
|
support of SHA224-based certificate signatures
|
2009-08-05 22:01:44 +02:00 |
Tobias Brunner
|
7da1f4a0ff
|
Enabling UDP encapsulation via setsockopt fails on Mac OS X (it is also not required as this is done using sysctl).
|
2009-08-05 12:31:10 +02:00 |
Andreas Steffen
|
fcdf491a21
|
output number of transmitted bytes in closing CHILD_SA statement
|
2009-08-04 23:08:42 +02:00 |
Tobias Brunner
|
524f9ac470
|
FreeBSD only reports a policy's usetime if a lifetime has been specified when the policy was added (we only specify a lifetime on the SA, not on the policy).
|
2009-08-04 11:08:58 +02:00 |
Tobias Brunner
|
56ee8fcc96
|
FreeBSD and Mac OS X both set the sequence number of an SADB_X_SPDGET response to zero, we accept that for now.
|
2009-08-04 11:08:58 +02:00 |
Tobias Brunner
|
e8c3cdb25b
|
Missing check for udp.h added.
|
2009-08-04 11:08:57 +02:00 |
Martin Willi
|
3d2f73b92f
|
parse RDNs in multiple SEQUENCEs in all SETs of a DN
|
2009-08-03 15:24:48 +02:00 |
Martin Willi
|
5cb300e795
|
compare IKE config when reusing an existing IKE_SA to initiate a CHILD_SA
|
2009-08-03 14:37:24 +02:00 |
Andreas Steffen
|
10c13ed264
|
fixed dereferencing bug caused by bool type redefinition
|
2009-08-02 16:58:32 +02:00 |
Andreas Steffen
|
f35f229fd6
|
implemented query_sa() for PFKEYv2
|
2009-08-02 11:46:33 +02:00 |
Andreas Steffen
|
47eb87d437
|
corrected interface definition
|
2009-07-31 08:57:55 +02:00 |
Andreas Steffen
|
3f720dc7c3
|
update usetime only if usebytes increase
|
2009-07-30 23:19:42 +02:00 |
Andreas Steffen
|
2ad51539f6
|
display transmitted bytes per SA
|
2009-07-30 21:33:19 +02:00 |
Tobias Brunner
|
eab05274f4
|
Handling of unsupported policy directions (FWD) fixed.
|
2009-07-30 14:06:26 +02:00 |
Tobias Brunner
|
e20bd8b6ea
|
Enabling NAT-T on Mac OS X using the private SADB_X_EXT_NATT flag and sadb_sa_2 struct.
|
2009-07-30 14:06:26 +02:00 |
Tobias Brunner
|
789ba17024
|
Configure the NAT-T port via sysctl on Mac OS X to enable handling of incoming UDP encapsulated ESP packets in the kernel.
|
2009-07-30 14:06:26 +02:00 |
Tobias Brunner
|
b2117eee20
|
Make accept(2) and recvfrom(2) cancellation points on Mac OS X.
|
2009-07-30 14:06:26 +02:00 |
Andreas Steffen
|
ecff28c5c5
|
fixe KW_END_FIRST..KW_END_LAST keyword range
|
2009-07-28 15:44:24 +02:00 |
Andreas Steffen
|
acb34739e4
|
improved DPD error message
|
2009-07-22 22:30:21 +02:00 |
Andreas Steffen
|
e1089f5906
|
added file and segment lengths to checksum.c
|
2009-07-21 22:23:51 +02:00 |
Andreas Steffen
|
8ce8e19068
|
version bump to 4.3.4
|
2009-07-21 22:21:52 +02:00 |
Andreas Steffen
|
144b433402
|
version bump of Linux UML kernel to 2.6.30.2
|
2009-07-21 15:51:04 +02:00 |
Martin Willi
|
fcac8f6571
|
filter objects for segment checksumming by dlpi_name, excludes rare false positives
|
2009-07-21 15:10:24 +02:00 |
Martin Willi
|
7655843ab5
|
enumerate executable sections only to build checksum
|
2009-07-21 15:00:18 +02:00 |
Martin Willi
|
acd4afc997
|
announce integrity testing only once
|
2009-07-21 14:58:14 +02:00 |
Tobias Brunner
|
6ff7ab850b
|
Fixed GID lookup in cases where the configured group is a prefix of another group.
|
2009-07-20 21:20:03 +02:00 |
Tobias Brunner
|
9af7715c3d
|
Fixed installation of config files in out-of-tree builds.
|
2009-07-20 21:13:45 +02:00 |
Tobias Brunner
|
7cdf712d3e
|
Use the numerical UID/GID to install the config files and create the ipsec.d directories.
|
2009-07-20 21:03:05 +02:00 |
Tobias Brunner
|
7d2b06da6a
|
Translate the configured user and group to a numerical UID and GID.
|
2009-07-20 21:01:13 +02:00 |
Andreas Steffen
|
def1777eca
|
streamlined integrity test output some more
|
2009-07-18 11:23:27 +02:00 |
Andreas Steffen
|
1d941f12ad
|
advertise activated integrity tests
|
2009-07-18 00:37:35 +02:00 |
Andreas Steffen
|
aa74d70595
|
added latest NEWS
|
2009-07-17 22:54:23 +02:00 |
Andreas Steffen
|
d9b67a9fc0
|
added ikev1/net2net-pgp-v4 scenario
|
2009-07-17 22:36:12 +02:00 |
Andreas Steffen
|
542471e3fe
|
adapted scenario description for OpenPGP V3 keys
|
2009-07-17 22:33:22 +02:00 |
Andreas Steffen
|
03b704fd55
|
enable crypt debugging in ikev1/esp-alg-camellia scenario
|
2009-07-17 21:27:54 +02:00 |
Andreas Steffen
|
2e4a94ec26
|
added strongswan-2.8.11 and strongswan-4.2.17 VIDs
|
2009-07-17 21:19:32 +02:00 |
Andreas Steffen
|
f179ba474e
|
enable integrity test in all rw-cert scenarios
|
2009-07-17 20:52:14 +02:00 |
Andreas Steffen
|
e3f3b004e2
|
fix test vector error output
|
2009-07-17 20:36:21 +02:00 |
Andreas Steffen
|
eab241fb56
|
stop strongswan if integrity check of libstrongswan or daemon fails
|
2009-07-17 20:33:19 +02:00 |
Andreas Steffen
|
6b04ba288d
|
streamlined debug output of integrity tests
|
2009-07-17 17:00:17 +02:00 |
Andreas Steffen
|
ca366aeea0
|
enforce strongSwan coding rules
|
2009-07-17 16:57:07 +02:00 |
Andreas Steffen
|
521aa00fb1
|
shortened cypto test output
|
2009-07-17 16:36:01 +02:00 |
Andreas Steffen
|
848133ff1c
|
accelerate lookup in non-concatenated pools
|
2009-07-17 13:58:29 +02:00 |
Andreas Steffen
|
dfd8ddfb33
|
added scenario ikev2/ip-split-pools-db
|
2009-07-17 13:38:57 +02:00 |
Andreas Steffen
|
ec54df1762
|
added sql/ip-split-pools-db and sql/ip-split-pools-db-restart scenarios
|
2009-07-17 11:50:59 +02:00 |
Andreas Steffen
|
7f522b5fd8
|
check for an existing lease over all assigned pools first
|
2009-07-17 11:48:35 +02:00 |
Andreas Steffen
|
07be083b7f
|
fixed problem with static leases over multiple pools
|
2009-07-16 21:53:46 +02:00 |
Tobias Brunner
|
375a91bb9b
|
Fixing distribution build (checksum.c is created on the user's system).
|
2009-07-16 16:53:43 +02:00 |
Martin Willi
|
e0964e2e26
|
fixed memleak in SQL config lookup
|
2009-07-16 15:59:56 +02:00 |