Andreas Steffen
|
a066f7e6c2
|
corrected captions
|
2008-11-02 22:13:17 +00:00 |
Andreas Steffen
|
5145ae48be
|
fully implemented the parsing of XFRM and PF_KEY MIGRATE messages
|
2008-11-02 21:34:52 +00:00 |
Martin Willi
|
e301a69d6c
|
removed 0-byte truncation, fixes random Openssl RSA signature verification failures
|
2008-10-31 17:07:04 +00:00 |
Martin Willi
|
a13862be61
|
fixed crash in openssl signature verification if sizeof(size_t) != sizeof(int) (64bit)
|
2008-10-31 17:05:40 +00:00 |
Andreas Steffen
|
b74bc4384c
|
identify attributes of XFRM ACQUIRE and MIGRATE messages
|
2008-10-31 06:18:48 +00:00 |
Andreas Steffen
|
e7f4fc537f
|
subscribing XFRM socket for MIGRATE messages
|
2008-10-31 02:50:01 +00:00 |
Andreas Steffen
|
08571955fb
|
adapted evaltest.dat to extended acquire job message
|
2008-10-31 01:46:37 +00:00 |
Andreas Steffen
|
e526d22818
|
parse xfrm and pf_key acquire messages and subscribe to migrate messages
|
2008-10-31 01:43:23 +00:00 |
Martin Willi
|
19aff61b19
|
reverted changeset 4529:
Camellia is 22 in IKEv1, but not-yet defined in IKEv2
in IKEv2, 22 is reserved for AES-XTS
|
2008-10-30 13:21:21 +00:00 |
Martin Willi
|
5dffdea1d7
|
added hooks for IKE and CHILD keymat
|
2008-10-30 12:58:54 +00:00 |
Martin Willi
|
5a76bb7f7a
|
store plain skd, not the prf
|
2008-10-30 09:18:52 +00:00 |
Andreas Steffen
|
fdaed5289a
|
added Camellia CBC to list of encryption algorithms
|
2008-10-30 03:31:36 +00:00 |
Andreas Steffen
|
113a4afa55
|
corrected parameter description
|
2008-10-30 00:35:37 +00:00 |
Martin Willi
|
80853d8498
|
moved CHILD_SA key derivation to keymat_t
passing key chunks to CHILD_SA, not the PRF
|
2008-10-29 16:06:16 +00:00 |
Martin Willi
|
f65ba4e978
|
prf handles zero-length allocations graceful
|
2008-10-29 14:12:54 +00:00 |
Martin Willi
|
a64cc8f75f
|
do not store DH redundant in keymat
|
2008-10-29 13:35:06 +00:00 |
Martin Willi
|
6faa0c3392
|
replaced not-maintained ChangeLog
|
2008-10-29 09:27:51 +00:00 |
Andreas Steffen
|
217d95c82e
|
upgrade to linux-2.6.28 headers with support for kmaddress struct
|
2008-10-29 05:32:38 +00:00 |
Martin Willi
|
6a4ff35cc4
|
moved key derivation and management into keymat object
allows secured implementation of key management (e.g. in kernel or HW)
only IKE keys for now
|
2008-10-28 16:07:06 +00:00 |
Martin Willi
|
3c8234d408
|
store IKE proposal implicitly during derive_keys
|
2008-10-28 10:12:21 +00:00 |
Martin Willi
|
20fb671904
|
fixed reauthentication time in statusall
|
2008-10-28 09:41:33 +00:00 |
Andreas Steffen
|
f5ab7f5f57
|
refining changeset 4483 by introducing charon.dh_exponent_ansi_x9_42 key
|
2008-10-28 01:59:01 +00:00 |
Martin Willi
|
85ac2fa547
|
use more generic stats getter, introducing new stats
|
2008-10-27 14:51:00 +00:00 |
Martin Willi
|
ddc5b90db2
|
new release of NM debs
|
2008-10-27 12:01:23 +00:00 |
Martin Willi
|
0935ba328b
|
including a "none" tundev to make NM happy
|
2008-10-27 11:30:27 +00:00 |
Martin Willi
|
a1db79b31a
|
fixed some compiler warnings
|
2008-10-27 11:13:33 +00:00 |
Andreas Steffen
|
aeaa6a9b45
|
remove unused local DH_EXPONENT_ENTROPY definition
|
2008-10-27 00:02:22 +00:00 |
Andreas Steffen
|
21a45f2f2d
|
use 512 bits of entropy for secret DH exponents
|
2008-10-26 23:53:52 +00:00 |
Martin Willi
|
82d20c0588
|
additional getters for ipcomp and UDP encap
|
2008-10-24 09:51:48 +00:00 |
Martin Willi
|
6e10aeadab
|
more CHILD_SA refactorings
|
2008-10-24 08:02:35 +00:00 |
Martin Willi
|
f2a5aa4a9d
|
initiate connections simultaneously in load tester
|
2008-10-22 09:01:36 +00:00 |
Andreas Steffen
|
2d1000d14e
|
include updown plugin in sql scenarios
|
2008-10-21 22:28:29 +00:00 |
Martin Willi
|
0fd6e95562
|
a load testing plugin, to:
find multi-threading issues
do performance profiling
|
2008-10-21 13:00:38 +00:00 |
Martin Willi
|
6df2837a8c
|
fixed enumeration of CHILD_SA traffic selectors
|
2008-10-21 10:57:40 +00:00 |
Andreas Steffen
|
8ceb5fd566
|
use old algorithm nameagain in pfkey/alg-aes-xcbc scenario
|
2008-10-21 03:42:32 +00:00 |
Martin Willi
|
f2e1ff59ab
|
reset threads IKE_SA after checking other IKE_SAs
invoke updown script only if we have valid IKE_SA
|
2008-10-20 11:38:16 +00:00 |
Andreas Steffen
|
7790ab0f37
|
re-established all previous AUD level messages
|
2008-10-17 03:44:06 +00:00 |
Martin Willi
|
104c28d603
|
fixed perl oid generation
|
2008-10-16 15:38:48 +00:00 |
Martin Willi
|
6f3ea4a516
|
loading updown plugin if required
|
2008-10-16 12:48:27 +00:00 |
Martin Willi
|
ad3af574a4
|
moved updown script invocation to an optional plugin
|
2008-10-16 11:48:18 +00:00 |
Martin Willi
|
e17353fc31
|
bus uses finally recusive locking
other small fixes
|
2008-10-16 11:32:43 +00:00 |
Martin Willi
|
f868dc0ca2
|
condvar->wait() can handle recursive mutex
|
2008-10-16 11:29:42 +00:00 |
Martin Willi
|
229ee197a3
|
added missing EAP-AKA RFC
|
2008-10-16 07:21:30 +00:00 |
Martin Willi
|
61508be2f5
|
added a guest.mconsole() method to script mconsole (e.g. add additional conX=)
|
2008-10-15 14:47:52 +00:00 |
Martin Willi
|
1df106bf39
|
cache keys for in and outbound ESP SAs
removed redundant storing of traffic selectors in CHILD_SA (sa_policy_t)
creating TS pairs dynamically using create_policy_enumerator()
|
2008-10-15 12:24:44 +00:00 |
Tobias Brunner
|
35379b2130
|
typedef fixed
|
2008-10-15 11:34:29 +00:00 |
Martin Willi
|
0b9728986a
|
reverted changeset [4440], [4443] uses old algorithm name again
|
2008-10-15 08:50:14 +00:00 |
Martin Willi
|
9f4e5f8c47
|
store ESP keys in CHILD_SA
|
2008-10-15 08:37:56 +00:00 |
Andreas Steffen
|
ff93a76cf1
|
activate compilation of the kernel_pfkey plugin
|
2008-10-15 00:22:51 +00:00 |
Andreas Steffen
|
deb079204e
|
added PFKEYv2 UML scenarios
|
2008-10-15 00:11:00 +00:00 |