ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
839 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

839 Commits

Author SHA1 Message Date
Martin Willi c15c3d4be9 updated for release 2006-06-15 13:23:06 +00:00
Martin Willi 147fe5095d fixed aes code, we support now aes128, aes192, aes256 in IKE 2006-06-15 13:14:09 +00:00
Martin Willi c095388f7f added support for "ike" and "esp" keywords 
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes
 2006-06-15 11:09:11 +00:00
Martin Willi 3efbf98312 implemented clean spi allocation behavior when using multiple proposals 2006-06-15 11:06:22 +00:00
Martin Willi 525a5538db fixed logleve(l) keyword typo 2006-06-15 11:03:41 +00:00
Martin Willi 56f1a8f2d6 handling of "rekey=no" parameter added 2006-06-15 11:02:15 +00:00
Martin Willi ad038f770d changed default algorithms to: 
ike: aes128-sha-modp2048
  esp: aes128-sha1, 3des-md5
 2006-06-15 11:01:17 +00:00
Andreas Steffen b98e0927f4 added default CRL directory path 2006-06-14 12:44:12 +00:00
Andreas Steffen 311b225740 added strictcrlpolicy command line argument 2006-06-14 12:43:51 +00:00
Andreas Steffen 03442041a9 added option parsing 2006-06-14 12:42:36 +00:00
Andreas Steffen d9d35d5911 added local CRLs 2006-06-14 12:41:37 +00:00
Andreas Steffen 71d277e468 added rekeying parameters 2006-06-14 12:41:17 +00:00
Andreas Steffen b3b4c0e44b corrected some descriptions 2006-06-13 11:33:13 +00:00
Andreas Steffen 3c846c630a moved RSA key size constraints to definitions.h 2006-06-13 11:32:12 +00:00
Martin Willi b7e3329f17 fixed down keyword 2006-06-13 10:11:45 +00:00
Martin Willi fa32cd3c47 debug and logging improvements 2006-06-13 10:01:04 +00:00
Martin Willi 22ff6f578f 2006-06-13 10:00:19 +00:00
Andreas Steffen 64f4d91898 support for stroke listcerts|listcacerts|listcrls|listall 2006-06-12 08:47:28 +00:00
Andreas Steffen 5347233204 support for stroke listcerts|listcacerts|listall and left|rightca= 2006-06-12 08:43:46 +00:00
Andreas Steffen 299dbc604f gperf creates optimum hash table for stroke keywords 2006-06-12 08:42:32 +00:00
Martin Willi 50f98119dd using same reqid if a child sa rekeys an existing one 2006-06-12 08:36:41 +00:00
Andreas Steffen fec9cb332f NULL string argument is treated as %any 2006-06-12 08:26:14 +00:00
Andreas Steffen bc35460db7 add_certificate() now returns pointer to added cert 2006-06-12 07:57:14 +00:00
Andreas Steffen c4a7413e72 cosmetics 2006-06-12 07:55:37 +00:00
Andreas Steffen 016816b880 single tests now start up faster 2006-06-12 07:51:18 +00:00
Martin Willi a2a3fb3e25 workaround for peers rekeying at the same time 
loading lifetime policies from ipsec.conf
 2006-06-12 07:33:20 +00:00
Martin Willi 695723d4e8 old child_sa gets deleted after rekeying 
rekeying almost complete, but:
	IKE_SA get in an invalid state when both initiate rekeying at the same time,
 2006-06-09 15:12:43 +00:00
Andreas Steffen 2a13996de0 corrected type 2006-06-09 11:06:37 +00:00
Martin Willi b543bef50c improved kernel interface logging 2006-06-09 08:41:41 +00:00
Martin Willi 0bb32cb5f3 fixed clone/destroy behavior when not using CAs 2006-06-09 07:40:40 +00:00
Martin Willi 5c131a016b specifying keysize in bits, as it is required in IKEv2 
added generic kernel SA algorithm handling, which brings us:
        aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
 2006-06-09 07:31:30 +00:00
Andreas Steffen b7f9ca5837 added support for leftsendcert= and left|rightca= parameters 2006-06-09 05:50:41 +00:00
Andreas Steffen ac427e3677 discard cert if CA basic constraints flag is not set and warn if cert is not valide 2006-06-09 05:48:49 +00:00
Andreas Steffen a612f2dd00 added public methods is_ca() and is_valid() 2006-06-09 05:47:00 +00:00
Andreas Steffen 5407d563b7 changed ASN.1 CONTROL log output to LEVEL2 2006-06-09 05:45:37 +00:00
Andreas Steffen 996865b09e cosmetics 2006-06-09 05:44:34 +00:00
Martin Willi 180f924ba5 removed unused Makefile 2006-06-09 05:42:29 +00:00
Andreas Steffen d521714c9a stroke.h requires libstrongswan/types.h 2006-06-09 05:41:31 +00:00
Martin Willi 5238c9afef fixed compile warnings when using -Wall 
further CHILD_SA rekeying work done:
	creation of a new CHILD_SA on a expire from a kernel works
	delete of old CHILD_SA still missing
	some issues when both initiate rekeing
 2006-06-08 14:20:05 +00:00
Martin Willi c0d63ac9db updated INSTALL to conform with autotools 
added a short HACKING introduction
 2006-06-08 06:34:52 +00:00
Martin Willi 8d77eddec2 further work for rekeying: 
get liftimes from policy
  added new state
  initiation of rekeying done
proposal redone:
  removed support for AH+ESP proposals
 2006-06-07 13:26:23 +00:00
Martin Willi a401efd091 proper leak detective hook for realloc 
excluded pthread_setspecific from leak detective
 2006-06-07 13:22:38 +00:00
Martin Willi 6a030ba9ea fixed a memleak 2006-06-07 05:54:09 +00:00
Andreas Steffen 0f2094930d cosmetics 2006-06-06 06:24:04 +00:00
Andreas Steffen 71c80765a5 ipv6-host2host scenario added 2006-06-06 05:43:32 +00:00
Andreas Steffen fc0afb6810 created IPv6 environment 2006-06-06 05:41:21 +00:00
Martin Willi 32b6500fbf job management: 
moved job code from thread_pool to job, jobs have an "execute" method now
  added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
  listens now for ACQUIRE & EXPIRE
  supports hard and soft lifetimes
  fires jobs for delete and rekey child sa
ike sa manager:
  can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
 2006-05-31 14:23:15 +00:00
Martin Willi 6f2aba1322 - fixed some memleaks/freebugs 
- leak detective works almost usable now (?!)
 2006-05-31 14:13:26 +00:00
Martin Willi 3b8af2ab60 - added host2host test for ikev2 2006-05-31 08:15:23 +00:00
Martin Willi bd72398729 - fixed host-host tunnel traffic selection, host-host works now 2006-05-31 06:52:27 +00:00