Andreas Steffen
d1cbe55127
implemented ipsec listalgs as a stroke command
2008-10-08 07:00:13 +00:00
Andreas Steffen
51358f9f72
correct fix that replaces Changeset 4378
2008-10-08 06:57:52 +00:00
Andreas Steffen
c85862931f
removing fix applied by Changeset 4378
2008-10-08 06:15:41 +00:00
Andreas Steffen
ec6a88f617
added the sql/rw-rsa and sql/rw-rsa-keyid scenarios using raw RSA public keys
2008-10-08 03:37:40 +00:00
Andreas Steffen
af09048e35
get_subject() of a CERT_TRUSTED_PUBKEY object returns ID_PUBKEY_INFO_SHA1 hash consistent with the IKEv2 keyid philosophy
2008-10-08 03:35:52 +00:00
Andreas Steffen
95fd1dedb3
Implemented BUILD_BLOB_ASN1_DER for the CERT_TRUSTED_PUBKEY subtype
2008-10-08 01:19:26 +00:00
Andreas Steffen
7a07cd1c75
fixed loop termination criterion in addr_in_subnet(). Thanks go to Wolfgang Steudel, TU Ilmenau
2008-10-07 21:41:45 +00:00
Martin Willi
c8ba5125d6
guest bootup waits for init, not for network stack (fixes 2.6.27 guest kernels)
2008-10-07 16:31:41 +00:00
Martin Willi
693a244d0f
ported mconsole-exec patch to 2.6.27-rc7
2008-10-07 09:09:34 +00:00
Martin Willi
aa9a300677
userland support to process notifies for new NAT mappings detected in UDP encapsulation
2008-10-07 07:55:28 +00:00
Andreas Steffen
41b1cd6b87
wait 5 seconds before deactivating eth1 interface on alice
2008-10-07 04:56:50 +00:00
Andreas Steffen
e8c58d8e64
explicitly load kernel-netlink plugin in UML scenarios
2008-10-07 04:51:20 +00:00
Martin Willi
9d9a772ee1
use MOBIKE enabled DPD if we are NATed
...
update SAs if we detect changes in NAT mappings
2008-10-06 13:37:04 +00:00
Martin Willi
0592212f23
fixed builder_cancel macro to return NULL on failed build
2008-10-06 13:08:49 +00:00
Martin Willi
aa1b90a5b2
do not run CHILD_SA delete action if rekeying
2008-10-03 16:01:14 +00:00
Andreas Steffen
09d7ef2614
added --disable-kernel-netlink configure option
2008-10-03 03:27:42 +00:00
Martin Willi
9c0aa46b64
use dpd_action also for remotely closed tunnels
2008-10-02 13:47:19 +00:00
Martin Willi
7827997346
also respect the mobike=no setting as responder
2008-09-30 12:36:58 +00:00
Martin Willi
ceff3064fe
using signed return value for read()
2008-09-30 06:27:50 +00:00
Tobias Brunner
a341a68fac
merging renaming of mode_t to ipsec_mode_t back to trunk
2008-09-25 13:56:23 +00:00
Tobias Brunner
507f26f685
merging modularized kernel interface back to trunk
2008-09-25 07:56:58 +00:00
Tobias Brunner
80fc5bd95c
missing '_' added
2008-09-19 13:20:09 +00:00
Andreas Steffen
414caff027
version bump to 4.2.8
2008-09-18 00:42:22 +00:00
Andreas Steffen
b37cda8211
completed NEWS for 4.2.7 release
2008-09-18 00:34:31 +00:00
Martin Willi
cdaf57ec34
fixed DH value range testing
2008-09-17 09:02:30 +00:00
Martin Willi
73f6886a50
checking mpz_export return value properly
...
fixes a potential DoS attack if a DH value of zero gets processed
2008-09-17 08:10:48 +00:00
Andreas Steffen
b33c11b6c7
stroke parses and lists AC groups
2008-09-17 02:17:01 +00:00
Martin Willi
bb34d2611f
updated ubuntu packages for release compatible with NM svn20080908
2008-09-12 13:48:11 +00:00
Martin Willi
f061d83358
ported NM plugin to upstream NetworkManager changes
...
splitted secrets (4031)
using uuid in auth-dialog (4053)
2008-09-12 13:28:31 +00:00
Martin Willi
346bb576a2
allow multiple DELETE payloads in an informational message
2008-09-11 11:14:09 +00:00
Martin Willi
b1f4785428
updated NEWS
2008-09-05 15:10:56 +00:00
Martin Willi
07447ea597
fixed ubuntu distribution/typos
2008-09-05 14:44:21 +00:00
Martin Willi
f494dbd494
new ubuntu package release
2008-09-05 14:01:47 +00:00
Martin Willi
1d03954aad
NM plugin supports (encrypted) private key files
2008-09-05 13:26:58 +00:00
Andreas Steffen
07d7f9a402
time values in strongswan.conf can be optionally specified in days (d), hours (h), minutes (m), or seconds (s)
2008-09-04 16:19:46 +00:00
Martin Willi
e376d75f96
some NEWS
2008-09-04 14:52:33 +00:00
Martin Willi
0c6a489046
fixed some translations/encoding
2008-09-04 13:51:35 +00:00
Martin Willi
f0e8a8f7f3
an initial German translation for NM plugin
2008-09-04 13:39:37 +00:00
Martin Willi
3876c44175
updated debian build to extended nm plugin
2008-09-04 11:55:31 +00:00
Martin Willi
82840e6c92
reduced nm verbosity
2008-09-04 10:35:20 +00:00
Martin Willi
aff26a62c3
implemented NetworkManager certificate/private key authentication using ssh-agent
2008-09-04 08:40:37 +00:00
Martin Willi
994ed35312
added a configure option to select charon binary
2008-09-04 08:37:31 +00:00
Martin Willi
6af6f88a79
agent plugin optionally accepts a BUILD_PUBLIC_KEY to select a specific private key from the agent
2008-09-04 08:35:11 +00:00
Andreas Steffen
60055b7e1c
charon.keep_alive = 0 disables the sending of NAT keep alives
2008-09-03 19:00:08 +00:00
Andreas Steffen
3dfecde4c0
configure NAT keep alive interval using the charon.keep_alive key
2008-09-03 18:49:06 +00:00
Tobias Brunner
6283b1f1f8
typos
2008-09-03 07:44:46 +00:00
Martin Willi
703791715b
handle INFORMATIONAL exchanges with NATD payloads in mobike task
2008-09-02 14:02:40 +00:00
Martin Willi
21c9546321
libstrongswan agent plugin to use ssh-agent for RSA signatures
2008-09-02 11:04:26 +00:00
Martin Willi
46eb41644d
ported openac to credential factory changes
2008-09-02 11:01:05 +00:00
Martin Willi
f7c17aa15c
refactored credential builder
...
allow enumeration of matching builders
try a second builder if the first one fails
builder clones resources internally on demand
caller frees added resources on failure and success
stricter handling of non-supported build parts
2008-09-02 11:00:13 +00:00