Andreas Steffen
|
be2e5b48cd
|
updated list of ESP and AH algorithms
|
2008-04-18 11:25:37 +00:00 |
Tobias Brunner
|
6439267a8c
|
support for hash and URL encoded certificate payloads in charon
|
2008-04-18 11:24:45 +00:00 |
Tobias Brunner
|
eed87e1d76
|
typo
|
2008-04-18 10:58:36 +00:00 |
Martin Willi
|
4075225466
|
fixed peer config equality check
|
2008-04-18 10:30:52 +00:00 |
Tobias Brunner
|
ab7ed97c93
|
type corrected
|
2008-04-18 10:11:41 +00:00 |
Martin Willi
|
58caabf7b4
|
more NEWS
|
2008-04-18 08:09:32 +00:00 |
Andreas Steffen
|
a11274a856
|
corrected description
|
2008-04-18 07:44:39 +00:00 |
Andreas Steffen
|
6927d37c2c
|
fixed another transport mode evaltest
|
2008-04-18 07:42:57 +00:00 |
Andreas Steffen
|
c2fc3379ac
|
added ipv6/net2net-ipv4-ikev2 scenario
|
2008-04-18 07:24:01 +00:00 |
Andreas Steffen
|
0d6e4d7137
|
fixed two evaltests
|
2008-04-18 07:21:49 +00:00 |
Andreas Steffen
|
5c5d67d6ae
|
updated NEWS
|
2008-04-17 20:38:47 +00:00 |
Andreas Steffen
|
8eeb796a51
|
changed logging of crl writing to old style
|
2008-04-17 20:23:31 +00:00 |
Andreas Steffen
|
5434d5f7e9
|
corrected variable name
|
2008-04-17 18:56:55 +00:00 |
Martin Willi
|
c4ec8c9d18
|
fixed compiler warning
|
2008-04-17 15:08:48 +00:00 |
Martin Willi
|
b360e3933d
|
respecting ipsec.conf cachecrls= option
|
2008-04-17 15:01:57 +00:00 |
Martin Willi
|
58126dd295
|
added missing bits for credential caching
|
2008-04-17 15:00:51 +00:00 |
Martin Willi
|
d33fa48bc7
|
caching of CRLs to /etc/ipsec.d/crls
|
2008-04-17 14:08:38 +00:00 |
Martin Willi
|
72c882d8c0
|
cosmetics to chunk_write()
|
2008-04-17 14:06:37 +00:00 |
Martin Willi
|
2270b396b3
|
added missing credential_set method to stroke_ca
|
2008-04-17 13:00:05 +00:00 |
Martin Willi
|
233b853dfa
|
extended credential_set_t interface by a cache_cert() method
allows persistent or in-memory caching of fetched certificates
|
2008-04-17 11:22:37 +00:00 |
Martin Willi
|
46a5604a04
|
splitted IKE_SA manager destroy to allow plugin interaction
|
2008-04-17 10:46:25 +00:00 |
Martin Willi
|
e5617e40d1
|
adding rightsourceip=%poolname properly to peer config
|
2008-04-17 08:55:32 +00:00 |
Martin Willi
|
4904d26120
|
slightly optimized IKE_SA checkin
|
2008-04-16 08:43:32 +00:00 |
Martin Willi
|
054c9e6031
|
parallelized trust chain verification
temporary imported certificates are thread-local only
read-write locking on credential manager
credential sets must be thread-save now
|
2008-04-16 08:38:15 +00:00 |
Martin Willi
|
2c463cdfb1
|
optimized half-open IKE_SA lookup (no checkout)
|
2008-04-16 08:34:52 +00:00 |
Martin Willi
|
140ed97c0c
|
disable DPD if dpddelay is set but dpdaction=none
|
2008-04-16 05:50:56 +00:00 |
Martin Willi
|
20e32cf86c
|
updated sql testcases to new table schema
|
2008-04-15 15:14:32 +00:00 |
Martin Willi
|
02e4180e48
|
updated sql plugin to respect config changes
|
2008-04-15 15:13:53 +00:00 |
Martin Willi
|
1822ca740b
|
disabled SQL logging by default, as tests scenarios do not have a logging table
|
2008-04-15 15:13:08 +00:00 |
Martin Willi
|
f722fa31db
|
added error logging to sqlite plugin
|
2008-04-15 15:12:01 +00:00 |
Martin Willi
|
0dab0f1d5d
|
fixed build of smp plugin
|
2008-04-15 11:51:46 +00:00 |
Andreas Steffen
|
f45411c045
|
set long-forgotten DPD defaults
|
2008-04-15 11:27:45 +00:00 |
Martin Willi
|
82d8368bd7
|
build plugins after daemon/libstrongswan
|
2008-04-15 07:57:01 +00:00 |
Martin Willi
|
6a365f0740
|
added API for random number generators, served through credential factory
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
|
2008-04-15 05:56:35 +00:00 |
Martin Willi
|
0644ebd3de
|
implemented IKE_SA uniqueness using ipsec.conf uniqueids paramater
additionally supports a "keep" value to keep the old IKE_SA
|
2008-04-14 13:23:24 +00:00 |
Martin Willi
|
a593db5d35
|
ike_sa_manager enumerable, not iterable
|
2008-04-14 11:37:46 +00:00 |
Martin Willi
|
b010310517
|
updated rightsourceip parameter in man page
|
2008-04-14 08:27:05 +00:00 |
Martin Willi
|
348af092ac
|
added close_action as a seperate config option to dpd_action
|
2008-04-14 08:17:18 +00:00 |
Martin Willi
|
cadb5d16e5
|
fixed jumping IKE_SA unique ids
|
2008-04-14 07:55:23 +00:00 |
Martin Willi
|
45819d7d49
|
fixed rightsourceip=%config scenarios
|
2008-04-14 07:18:16 +00:00 |
Andreas Steffen
|
fa89d4457a
|
use ip6tables in sql/rw-psk-ipv6 scenario
|
2008-04-14 06:10:10 +00:00 |
Andreas Steffen
|
acda610cbb
|
fixed suppression of cert requests in eap-sim and eap-aka scenarios
|
2008-04-14 04:33:17 +00:00 |
Andreas Steffen
|
ff41ca0dc4
|
host_srcip was not properly initialized in starterwhack.c
|
2008-04-13 21:42:44 +00:00 |
Andreas Steffen
|
743d9c7b20
|
added sql/rw-psk-ipv6 scenario
|
2008-04-13 19:50:15 +00:00 |
Andreas Steffen
|
09a01b5e51
|
added sql/rw-psk-rsa-split scenario
|
2008-04-13 19:49:20 +00:00 |
Andreas Steffen
|
b1bdfa4890
|
fixed disabling the sending of cert requests
|
2008-04-13 17:31:07 +00:00 |
Martin Willi
|
96926b006d
|
using dpd actions to enforce connection state
dpd actions a per child-, not peer ike-sa
|
2008-04-11 08:14:48 +00:00 |
Tobias Brunner
|
4a6474c2c3
|
enabling acquire for mediated connections
|
2008-04-10 12:51:04 +00:00 |
Tobias Brunner
|
78abba428f
|
enabling reauthentication on mediation connections
|
2008-04-10 08:42:27 +00:00 |
Tobias Brunner
|
4a03518112
|
fixing a problem if the mediation server initiates the rekeying
|
2008-04-10 07:24:30 +00:00 |