23 Commits

Author SHA1 Message Date
Tobias Brunner 1ec9382880 vici: Add support for PPKs 2018-09-10 18:03:01 +02:00
Tobias Brunner 859d645c44 vici: Accept XAUTH as shared key type too
Fixes #2481.
2017-12-22 10:09:22 +01:00
Tobias Brunner 605a98c7ce vici: Return key ID from load-key command
We already do this for load-token and this should simplify client
implementations.
2017-05-23 16:41:02 +02:00
Tobias Brunner 2ceeb96db5 vici: Add command to load a private key from a token
PINs are stored in a "hidden" credential set, so that its shared
secrets are not exposed via VICI.  Since they are not explicitly loaded as
shared secrets via VICI a client might consider them as removed secrets and
remove them.
2017-02-16 19:24:07 +01:00
Tobias Brunner ed105f45af vici: Add support for NT Hash secrets
Fixes #1002.
2017-02-16 19:23:51 +01:00
Tobias Brunner cf57d9a98f vici: Add possibility to remove shared keys by a unique identifier
This identifier can be set when adding/replacing a secret.  The unique
identifiers of all secrets may be enumerated.
2017-02-16 19:21:13 +01:00
Tobias Brunner 2a56acf501 vici: Add commands to enumerate and remove private keys
They are identified by their SHA-1 key identifier.
2017-02-16 19:21:12 +01:00
Andreas Steffen 85b5a6ace2 Save both base and delta CRLs to disk 2016-10-11 17:18:22 +02:00
Andreas Steffen 2a2669ee3e vici: strongswan.conf cache_crls = yes saves fetched CRLs to disk 2016-10-11 17:18:22 +02:00
Andreas Steffen 2c7cfe7630 vici: flush-certs command flushes certificate cache
When fresh CRLs are released with a high update frequency (e.g.
every 24 hours) or OCSP is used then the certificate cache gets
quickly filled with stale CRLs or OCSP responses. The new VICI
flush-certs command allows to flush e.g. cached CRLs or OCSP
responses only. Without the type argument all kinds of certificates
(e.g. also received end entity and intermediate CA certificates)
are purged.
2016-09-13 17:02:59 +02:00
Andreas Steffen 87371460f6 vici: Support of raw public keys 2016-01-09 07:23:29 +01:00
Andreas Steffen 02d431022c Refactored certificate management for the vici and stroke interfaces 2015-12-12 00:19:24 +01:00
Andreas Steffen 334119b843 Share vici_cert_info.c with vici_cred.c 2015-12-11 18:26:55 +01:00
Tobias Brunner 176c24b8e1 vici: Attribute certificates are not trusted 2015-11-12 14:45:43 +01:00
Tobias Brunner e5e352e631 vici: Properly add CRLs to the credential set
add_crl() ensures that old CRLs are not stored in the credential set.
2015-11-12 14:45:42 +01:00
Andreas Steffen 63d370387d vici: Certification Authority support added.
CDP and OCSP URIs for one or multiple certification authorities
can be added via the VICI interface. swanctl allows to read
definitions from a new authorities section.
2015-07-21 13:02:30 +02:00
Martin Willi 94d9398202 vici: Return a success result for the clear-creds command
Even if the command actually can't fail, this looks more aligned to similar
commands.
2014-10-10 11:42:17 +02:00
Martin Willi c2b6402eb0 vici: Log owners of a just loaded shared-secret 2014-05-07 14:13:39 +02:00
Martin Willi 41745e24f3 vici: Handle "xauth" as an alias for "eap" secrets 2014-05-07 14:13:38 +02:00
Martin Willi 6efa792d22 vici: Add a load-shared command to load shared IKE and EAP secrets 2014-05-07 14:13:37 +02:00
Martin Willi 559ef7de48 vici: Add a load-key command to load private keys 2014-05-07 14:13:36 +02:00
Martin Willi c12edb2a27 vici: Support loading of different certificate types 2014-05-07 14:13:36 +02:00
Martin Willi de190f62c2 vici: Add a credential backend 2014-05-07 14:13:36 +02:00