Andreas Steffen
4da0116d78
OIDs used by strongSwan
2008-09-01 11:38:03 +00:00
Andreas Steffen
1a4d27c854
added thread_analysis tool
2008-09-01 11:19:07 +00:00
Martin Willi
eb3e27059b
use libcap for capability dropping
...
optional, must be enabled --with-capabilities=libcap
will be extended to support --with-capabilities=libcap2
2008-08-29 09:24:14 +00:00
Andreas Steffen
8fa6f2dc66
streamlined ipsec listalgs output
2008-08-29 05:35:09 +00:00
Martin Willi
e609b1cda2
capability API to allow plugin-controlled capability set
2008-08-28 16:27:48 +00:00
Martin Willi
dc98e50153
cosmetics
2008-08-28 11:15:01 +00:00
Martin Willi
e577ad3985
creating default IKE proposals dynamically using algorithm enumeration API
2008-08-28 11:07:57 +00:00
Martin Willi
f1b014b9a3
separated sha1_prf implementation from sha1_hasher
2008-08-28 10:57:24 +00:00
Martin Willi
9482208633
crypto_factory algorithm enumeration API
...
implementation of "ipsec listalgs"
2008-08-28 09:24:42 +00:00
Tobias Brunner
8bbc7ca710
* allow to load templates from arbitrary places
...
* changed implementation of guest?/iface?
2008-08-28 08:05:07 +00:00
Tobias Brunner
6c20579a43
mkdir_p: utility function to create a directory and all required parent directories
2008-08-28 07:47:55 +00:00
Martin Willi
018ae7c1aa
build scripts for ubuntu NetworkManager packages
2008-08-27 13:51:05 +00:00
Martin Willi
ee210ca353
check user account validity after PAM authentication
2008-08-27 13:48:54 +00:00
Andreas Steffen
a9bb69c8a8
version bump to 4.2.7
2008-08-27 12:01:57 +00:00
Martin Willi
609166f49f
additional NEWS for 4.2.6
2008-08-27 08:39:09 +00:00
Tobias Brunner
ca4f63383c
* guest#running?
...
* guest?, iface? (also Guest.include? resp. guest.include?)
* easy accessors for guests and ifaces (Guest.sun instead of Guest["sun"] and guest.eth0 instead of guest["eth0"])
* if a block is given for iface#add or iface#del then the change is only temporary while executing the block and gets reverted afterwards
2008-08-27 07:35:20 +00:00
Andreas Steffen
9f9d6ece39
my changes for the 4.2.6 release
2008-08-27 07:19:40 +00:00
Andreas Steffen
2c6dced953
added ikev2/rw-eap-aka-identity scenario
2008-08-26 20:02:58 +00:00
Andreas Steffen
a44d02627f
cosmetics
2008-08-26 19:54:47 +00:00
Andreas Steffen
41dc6b56b0
ipsec statusall lists eap_type and eap_identity
2008-08-26 19:45:44 +00:00
Andreas Steffen
a625146517
enable-eap-identity in UML scenarios
2008-08-26 19:17:14 +00:00
Martin Willi
281dd55891
using strongSwan, not NetworkManager version number
2008-08-26 14:27:53 +00:00
Martin Willi
be49236373
fixing charon path for now for ubuntu package
2008-08-26 14:27:12 +00:00
Andreas Steffen
d9fc51387d
added ikev2/multi-level-ca-cr-init and ikev2/multi-level-ca-cr-resp scenarios
2008-08-26 05:34:33 +00:00
Andreas Steffen
919019b3cd
completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributes
2008-08-26 05:15:34 +00:00
Andreas Steffen
bafb220857
adapted sql/rw-eap-aka-rsa scenario to new EAP identity type
2008-08-25 13:52:26 +00:00
Andreas Steffen
3c87e92695
list CA restrictions in ipsec statusall
2008-08-25 12:35:18 +00:00
Martin Willi
f6ecd44fc6
added NM gnome plugin to distribution
2008-08-25 08:21:51 +00:00
Martin Willi
c1ee908e4c
removed generated Makefile.in.in from svn
2008-08-25 08:15:57 +00:00
Martin Willi
a88aae3df6
enforce DN of configured gateway certificate
2008-08-25 07:50:21 +00:00
Martin Willi
7945c90adb
new EAP-Identity handling uses ID_EAP in plugins
2008-08-25 07:49:48 +00:00
Martin Willi
1a109c9fc6
disabled PSK option until we have a way to enforce strong secrets
2008-08-25 07:48:11 +00:00
Martin Willi
1995f79f10
use username part of RFC822 IDs for PAM authentication
2008-08-25 07:47:16 +00:00
Martin Willi
822901061b
ported parts of two-sim branch
...
eap_identity parameter to exchange in eap_identity
some auth_info/peer_cfg refactorings
fixed some bugs, introduced new ones
2008-08-22 10:44:51 +00:00
Martin Willi
7c112a12c0
run guests with some niceness
2008-08-22 08:37:15 +00:00
Martin Willi
5ba7efb083
pool names are unique
2008-08-22 07:38:59 +00:00
Martin Willi
3e45b3a1ad
do not return IPv6 src addresses for IPv4 destinations
2008-08-21 15:17:45 +00:00
Martin Willi
b848f0377c
fixed EAP-GTC secret lookup
...
improved error logging
PAM authentication needs CAP_AUDIT_WRITE capability
2008-08-21 14:40:03 +00:00
Martin Willi
1caa265c61
a (incomplete) implementation of draft-sheffer-ikev2-gtc-00.txt using PAM
2008-08-21 12:10:07 +00:00
Andreas Steffen
dc6a2edd0d
corrected caption
2008-08-21 11:58:58 +00:00
Andreas Steffen
5cd07d18a3
charon.process_route = no does not process RTM_NEWROUTE and RTM_DELROUTE events. Useful for taking down hundreds of virtual IPs on the same host
2008-08-21 11:55:16 +00:00
Martin Willi
2d6559b107
added sqlite busy handler: retries on locking conflicts
2008-08-21 09:25:06 +00:00
Martin Willi
02e907fe66
avoid too many alloca()s in netlink send, problematic on MIPS
2008-08-21 07:55:16 +00:00
Martin Willi
bdbf3c49fc
some string fixes
2008-08-20 13:59:37 +00:00
Martin Willi
6368a58ffc
added missing tooltip
2008-08-20 12:02:53 +00:00
Martin Willi
1b9f6c2410
handle DBUS permission problems gracefully
2008-08-20 11:44:47 +00:00
Martin Willi
142eaea43c
fixed shared key lookup by ID
...
proper auth method selection
2008-08-20 08:51:18 +00:00
Martin Willi
592dc30108
fixed auth-dialog password flush
2008-08-20 08:49:47 +00:00
Andreas Steffen
59bb33e1e0
set version back to 4.2.6
2008-08-19 18:53:15 +00:00
Andreas Steffen
af165431d2
fixed libstrongswan integrity test
2008-08-19 18:51:30 +00:00