01f50bdddc
conftest: Sanity check for proposal number modifier
2018-11-12 17:36:22 +01:00
3fbc95cf54
keymat_v2: Add support for PPKs
2018-09-10 18:03:01 +02:00
2307bffe56
proposal: Move proposal_t from libcharon to libstrongswan
...
This allows us to use it without having to initialize libcharon, which
was required for the logging (we probably could have included debug.h
instead of daemon.h to workaround that but this seems more correct).
2017-11-17 18:09:54 +01:00
de280c2e03
private-key: Add optional parameters argument to sign() method
2017-11-08 16:48:10 +01:00
267c1f7083
keymat: Allow keymat to modify signature scheme(s)
...
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2017-02-08 10:32:17 +01:00
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
147fe503af
ike: Rename encryption_payload to encrypted_payload
2014-10-10 09:30:25 +02:00
0404a29bfe
kernel-netlink: Define netlink buffer as an union having a netlink header
...
This allows us to streamline the netlink buffers, and avoid extensive
casting.
2014-09-24 11:19:58 +02:00
3ecfc83c6b
payload: Use common prefixes for all payload type identifiers
...
The old identifiers did not use a proper namespace and often clashed with
other defines.
2014-06-04 15:53:03 +02:00
064fe9c963
enum: Return boolean result for enum_from_name() lookup
...
Handling the result for enum_from_name() is difficult, as checking for
negative return values requires a cast if the enum type is unsigned. The new
signature clearly differentiates lookup result from lookup value.
Further, this actually allows to convert real -1 enum values, which could not
be distinguished from "not-found" and the -1 return value.
This also fixes several clang warnings where enums are unsigned.
2014-05-16 15:42:07 +02:00
85ca2f7441
conftest: Disable reset_seq hook on systems other than Linux
...
Fixes #386 .
2013-08-21 11:27:28 +02:00
11adf114c1
Fixed Doxygen comments after scanning complete src directory
2013-03-02 18:31:53 +01:00
4e51cf895e
conftest: Make outgoing sequence number set by reset_seq configurable
...
This is useful for certain test cases. Passing the sequence number to
the callback requires a new struct that contains both the number and the
xfrm_usersa_id. The new configuration parameter is called oseq in
accordance with the kernel name, see the comment in the reset_cb
callback function for details.
2013-01-08 11:10:13 +01:00
6da1ada3b3
Missed one in 3dcffed6
2012-09-28 20:50:09 +02:00
3dcffed682
The this->data member is never NULL
2012-09-28 17:09:16 +02:00
4c57c63062
Added possibility to register custom proposal keywords
...
Keyword lookup and registration are handled via the new lib->proposal object.
2012-09-13 15:44:46 +02:00
995875210a
Removed len argument from proposal_get_token()
...
Also use enumerators instead of lexparser.h to parse proposal strings.
2012-09-13 15:44:01 +02:00
a6733d8e85
Remove unused replay variable in conftests seq number reset hook
2012-07-16 14:53:37 +02:00
bb1e0c59e1
Add a return value to keymat_v2_t.get_auth_octets()
2012-07-16 14:53:34 +02:00
5aef6bd0f3
Accept NULL auth_cfg_t passed to credential_manager_t.get_private()
2012-03-20 17:31:39 +01:00
47b8f6ef4b
Invoke bus_t.message hook twice, once plain and parsed, once encoded and encrypted
2012-03-20 17:31:37 +01:00
15a682f4c2
Separated libcharon/sa directory with ikev1 and ikev2 subfolders
2012-03-20 17:31:26 +01:00
9ad5b8fa95
Cleanup CERT payload constructors
2012-03-20 17:31:13 +01:00
e174e0d445
Added not-yet used sa_payload parameters used in IKEv1
2012-03-20 17:30:52 +01:00
d6cec44b24
Fixed conftests after extending CERT payload.
2012-03-20 17:30:50 +01:00
a0563846b0
Moved version specific keymat functions to specific interfaces.
2012-03-20 17:30:45 +01:00
c311d22d0f
Don't clone chunk in message.get_packet_data
2012-03-20 17:30:44 +01:00
04ee2b7fed
Added IKEv1 support to notify payload
2012-03-20 17:30:43 +01:00
38fb67fbf1
Add a payload.get_header_length() method, remove header length definitions
2012-03-20 17:30:42 +01:00
e9b55b8325
Simplify signature of get_encoding_rules(), make all rules static
2012-03-20 17:30:42 +01:00
4ed52db2bb
Allow creation of message_t objects for IKEv1 packets.
2012-03-20 17:30:40 +01:00
b0b9d18593
Extend sa_payload for IKEv1 support
2012-03-20 17:30:40 +01:00
2a277867be
Show full blown traffic selector in log_ts hook
2011-04-14 09:21:58 +02:00
84545f6e7c
Some typos fixed.
2011-02-07 11:39:41 +01:00
5b0e6c593a
Added option to use a different key when rebuilding AUTH
2011-01-05 16:46:07 +01:00
0beb1d6fbb
Added a hook to reset ESP sequence numbers
2011-01-05 16:46:00 +01:00
c7f7a0ba06
Use strncaseeq instead of strncasecmp
2011-01-05 16:45:59 +01:00
9992cb1c10
Generate payload to rebuild_auth, works with injected unknown payloads
2011-01-05 16:45:55 +01:00
5c95bf7b93
Move rebuild_auth functionality to a standalone hook
...
This reverts commit 3c12b239fd55aa36c59eb60224d27af8b8d915d1.
2011-01-05 16:45:54 +01:00
586070d2ce
Implemented hook to log traffic selectors
2011-01-05 16:45:53 +01:00
6bd3a1c220
The set_reserved() hook rebuilds AUTH if it mangles ID payload fields
2011-01-05 16:45:53 +01:00
5f15faebc8
Include the used reserved bytes from ID payloads in AUTH calculation
2011-01-05 16:45:53 +01:00
b5bbc9506c
Extended set_reserved hook to mangle sa_payload substructures
2011-01-05 16:45:52 +01:00
a6da3795d6
The set_ike_version hook supports version flag mangling
2011-01-05 16:45:52 +01:00
357e960e40
Implemented hook to toggle initiator flag in IKE header
2011-01-05 16:45:52 +01:00
446a4537e5
Implemented a hook to set reserved bits
2011-01-05 16:45:51 +01:00
15a612efb2
Use payload_get_field() to look up payload fields
2011-01-05 16:45:51 +01:00
f5705d0fa6
Use standard ID getter in log_id hook
2011-01-05 16:45:50 +01:00
64293410b7
Implemented a hook to toggle the IKE message request flag
2011-01-05 16:45:50 +01:00
19a18de98a
Implemented hook to modify IKE header SPIs
2011-01-05 16:45:50 +01:00
Tobias Brunner