Tobias Brunner
c0d39c205c
Implemented AES-CMAC based PRF and signer.
...
The cmac plugin implements AES-CMAC as defined in RFC 4493 and the
signer and PRF based on it as defined in RFC 4494 and RFC 4615,
respectively.
2012-04-03 10:40:47 +02:00
Tobias Brunner
9a6b1cb412
Fixed GNU license header in hmac and xcbc plugins.
2012-04-03 10:33:59 +02:00
Martin Willi
4bc7577db2
More detailed NEWS about RADIUS extensions
2012-04-02 13:58:21 +02:00
Andreas Steffen
0293f09597
updated supported EAP methods
2012-03-30 11:15:10 +02:00
Tobias Brunner
ef511fc03d
Add support for dnQualifier in DNs.
2012-03-29 10:01:55 +02:00
Andreas Steffen
e464894e8b
remove leading zeros in ASN.1 encoded serial numbers
2012-03-27 15:05:36 +02:00
Tobias Brunner
a281494abd
Added NEWS about resolvconf support.
2012-03-27 10:44:21 +02:00
Tobias Brunner
ed2cab08d2
Make resolvconf interface prefix configurable.
2012-03-27 10:44:21 +02:00
Tobias Brunner
caae5a5c0f
Added support for the resolvconf framework in resolve plugin.
...
If /sbin/resolvconf is found nameservers are not written directly to
/etc/resolv.conf but instead resolvconf is invoked.
2012-03-27 10:44:21 +02:00
Tobias Brunner
817ab8a8d4
Don't cast second argument of mem_printf_hook (%b) to size_t.
...
Also treat the given number as unsigned int.
Due to the printf hook registration the second argument of
mem_printf_hook (if called via printf etc.) is always of type int*.
Casting this to a size_t pointer and then dereferencing that as int does
not work on big endian machines if int is smaller than size_t (e.g. on ppc64).
In order to make this change work if the argument is of a type larger
than int, size_t for instance, the second argument for %b has to be casted
to (u_)int.
2012-03-27 09:10:34 +02:00
Tobias Brunner
adfd3b992f
smp: Use proper signed type to get return value of read(2).
2012-03-27 09:10:33 +02:00
Tobias Brunner
008e2df477
pluto: Use time_monotonic() instead of a custom implementation.
2012-03-27 09:10:33 +02:00
Tobias Brunner
8e066237a7
Don't include individual glib headers in nm plugin.
...
Expections are glib/gi18n.h, glib/gi18n-lib.h, glib/gprintf.h and
glib/gstdio.h.
2012-03-26 15:23:17 +02:00
Andreas Steffen
80abe22f65
fixed parsing of IF-MAP SOAP responses
2012-03-21 14:25:19 +01:00
Andreas Steffen
3cea55b0c8
corrected description
2012-03-17 23:22:25 +01:00
Andreas Steffen
9da795392e
added ikev2/esp-alg-sha1-160 scenario
2012-03-17 23:20:03 +01:00
Andreas Steffen
d9b539dc33
added ikev2/esp-alg-md5-128 scenario
2012-03-17 22:56:37 +01:00
Andreas Steffen
584178c3bb
version bump to 4.6.3dr2
2012-03-16 22:21:54 +01:00
Andreas Steffen
f673958e59
added the strongswan.conf options of the tnc-pdp plugin
2012-03-16 11:14:40 +01:00
Andreas Steffen
bd360b3911
keep a copy of refreshed carolCert-ocsp.pem
2012-03-15 07:59:42 +01:00
Andreas Steffen
ebf292bad0
refreshed carolCert-ocsp.pem
2012-03-15 07:58:35 +01:00
Andreas Steffen
68c2c7ece4
eliminate unneeded private variable
2012-03-14 21:38:30 +01:00
Andreas Steffen
ea2f340e27
added tnc/tnccs-20-pdp scenario
2012-03-14 08:47:12 +01:00
Andreas Steffen
9b8053a63a
edited description of tnc/tnccs-11-radius scenario
2012-03-14 08:46:52 +01:00
Andreas Steffen
fb5450a435
use MAX_RADIUS_ATTRIBUTE_SIZE constant from radius_message header file
2012-03-14 07:51:56 +01:00
Andreas Steffen
c224f7654d
version bump to 4.6.3dr1
2012-03-14 07:45:35 +01:00
Andreas Steffen
dae4ada4cd
make the mppe salt unique
2012-03-14 07:31:19 +01:00
Andreas Steffen
3cff2b598b
straightene radius_mppe header file
2012-03-14 06:52:26 +01:00
Andreas Steffen
6fd612913e
implemented MS_MPPE encryption
2012-03-13 23:26:15 +01:00
Andreas Steffen
5fdb849293
use predefined Microsoft PEN
2012-03-13 19:23:35 +01:00
Andreas Steffen
4adc3c147e
use MAX_RADIUS_ATTRIBUTE_SIZE constant
2012-03-13 18:06:56 +01:00
Andreas Steffen
ff4e447954
use RADIUS_TUNNEL_TYPE_ESP defined in header file
2012-03-13 17:00:37 +01:00
Andreas Steffen
d90ade8f79
implemented RADIUS Filter-ID attribute
2012-03-13 16:27:18 +01:00
Andreas Steffen
dfa3084223
removed double library entry
2012-03-13 16:27:17 +01:00
Andreas Steffen
27a91de071
adapted debug output
2012-03-13 16:27:17 +01:00
Andreas Steffen
70b2bfa5cb
keep a list of RADIUS connections with EAP method states
2012-03-13 16:27:17 +01:00
Andreas Steffen
595f44e9a3
apply maximum RADIUS attribute size to outbound EAP messages
2012-03-13 16:27:17 +01:00
Andreas Steffen
d1a311f631
read PDP server name from strongswan.conf
2012-03-13 16:27:17 +01:00
Andreas Steffen
4853efe891
define MAX_RADIUS_ATTRIBUTE_SIZE
2012-03-13 16:27:17 +01:00
Andreas Steffen
135822e11b
define peer and server identities
2012-03-13 16:27:17 +01:00
Andreas Steffen
cd9bde335c
added EAP_SUCCESS/FAILURE message to RADIUS Accept/Reject
2012-03-13 16:27:17 +01:00
Andreas Steffen
b3ec652192
added msg_auth flag in radius_message_t sign() method
2012-03-13 16:27:17 +01:00
Andreas Steffen
4fc6c7d442
allow debug of raw RADIUS data
2012-03-13 16:27:17 +01:00
Andreas Steffen
d4db9f44c2
simple RADIUS server example works
2012-03-13 16:27:17 +01:00
Andreas Steffen
e9f32b010a
first use of libradius
2012-03-13 16:27:17 +01:00
Andreas Steffen
21b0f216b9
created libradius shared by eap-radius and tnc-pdp plugins
2012-03-13 16:27:17 +01:00
Andreas Steffen
70fd2d1af7
created tnc-pdp policy decision point plugin
2012-03-13 16:27:16 +01:00
Martin Willi
bc403eb1e5
Fixed crash and locking issues while unrouting connections via stroke
2012-03-13 10:56:22 +01:00
Tobias Brunner
cd6b5bf8e9
Clear peer addresses during HA update.
2012-03-09 10:30:37 +01:00
Tobias Brunner
72b2811204
Simplified some route lookups now that we store all peer addresses in a list.
2012-03-09 10:22:21 +01:00