Commit Graph

8195 Commits

Author SHA1 Message Date
Martin Willi d1fbb0a4b3 Renamed radius_server to radius_config, as some real RADIUS server functionality is coming 2012-03-05 18:31:30 +01:00
Martin Willi 2e3615e4ad Prefer EAP-Identity to read radattr RADIUS attribute file 2012-03-05 18:08:04 +01:00
Martin Willi 4cd176d525 Invoke ike_updown hook on authentication failure not before response sent 2012-03-05 18:08:04 +01:00
Martin Willi 0853ff39c5 Build libradius if radattr plugin is enabled 2012-03-05 18:08:04 +01:00
Martin Willi 3ccc8a191c Inject RADIUS attribute in radattr plugin read from an identity specific file 2012-03-05 18:08:04 +01:00
Martin Willi caf4b88efc Added a radattr plugin that prints any received RADIUS notify to console 2012-03-05 18:08:04 +01:00
Martin Willi f0f94e2ce6 Moved generic RADIUS protocol support to a dedicated libradius 2012-03-05 18:08:04 +01:00
Martin Willi 990fda9d88 Removed libcharon dependencies from generic RADIUS protocol support 2012-03-05 18:06:15 +01:00
Martin Willi 99cb353968 Forward specified RADIUS attributes between AAA backend and client 2012-03-05 18:06:15 +01:00
Martin Willi 007d5b9218 Defined a private status notify to transport arbitrary RADIUS attributes 2012-03-05 18:06:14 +01:00
Martin Willi c158ccd960 Implemented RADIUS DAE response retransmission 2012-03-05 18:06:14 +01:00
Martin Willi fbaf5cd213 Be a little more verbose before starting IKE_SA reauthentication 2012-03-05 18:06:14 +01:00
Martin Willi 4d19f7c5bf Process RADIUS DAE CoA updates, updating lifetimes 2012-03-05 18:06:14 +01:00
Martin Willi a07b69734b Send an AUTH_LIFETIME update after updating the lifetime, but can not reauth actively 2012-03-05 18:06:14 +01:00
Martin Willi d23c159658 Use faster ike_sa_id and a delete job to handle RADIUS DAE Delete-Request 2012-03-05 18:06:14 +01:00
Martin Willi 245e3c52a2 Refactored RADIUS DAE IKE_SA lookup 2012-03-05 18:06:14 +01:00
Martin Willi 964b0c144e Pass RADIUS DAE client address a host_t instead of sockaddr struct 2012-03-05 18:06:14 +01:00
Martin Willi 9756c143f0 Send RADIUS DAE Disconnect-ACK/NAK on Disconnect-Request 2012-03-05 18:06:14 +01:00
Martin Willi 392618d4ec Support signing of RADIUS response messages 2012-03-05 18:06:13 +01:00
Martin Willi 2bf3858955 Act on RADIUS DAE Disconnect requests 2012-03-05 18:06:13 +01:00
Martin Willi 76b6b19f8d Verify received RADIUS DAE requests 2012-03-05 18:06:13 +01:00
Martin Willi e8a8179706 Support verification of RADIUS request messages 2012-03-05 18:06:13 +01:00
Martin Willi 3bc1829211 Rename RADIUS message constructors to handle both requests and responses 2012-03-05 18:06:13 +01:00
Martin Willi 6319ce63cf Enable RADIUS DAE listening if configured 2012-03-05 18:06:13 +01:00
Martin Willi 85932ad24e Added infrastructure to listen to RADIUS Dynamic Authorization Extension requests 2012-03-05 18:06:13 +01:00
Martin Willi 3a42c08904 Added Dynamic Authorization Extension RADIUS message codes 2012-03-05 18:06:13 +01:00
Martin Willi c61341a58f Set IKE_SA lifetime based on RADIUS Session-Timeout attribute 2012-03-05 18:06:13 +01:00
Martin Willi bdcf441703 Set hard timeouts when setting a lifetime 2012-03-05 18:06:13 +01:00
Martin Willi e9fcf1c6cc Fix IKE_SA timeout debug output on 64bit platforms 2012-03-05 18:06:13 +01:00
Tobias Brunner 0808d60ebf maemo: New upstream release. 2012-02-27 18:15:51 +01:00
Tobias Brunner 686cfd4e34 Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.
This requires a Linux kernel >= 2.6.33.
2012-02-27 14:31:19 +01:00
Martin Willi 3a2660f189 Encode IPv6 virtual IPs in a Framed-IPv6-Prefix attribute 2012-02-24 11:20:16 +01:00
Martin Willi d15ae70c8c Refactored construction of RADIUS accounting messages 2012-02-24 11:12:18 +01:00
Martin Willi d93f204ca5 Include port numbers in Calling-Station-Id, too 2012-02-24 10:49:29 +01:00
Martin Willi 802ed08dff Use large enough buffers for IPv6 addresses in Calling-Station-Id 2012-02-24 10:13:08 +01:00
Martin Willi 434cdbac09 Send client external address as Calling-Station-Id in RADIUS accounting 2012-02-24 10:05:23 +01:00
Andreas Steffen f3d6b9c88c added missing x character 2012-02-21 16:29:35 +01:00
Andreas Steffen e4f554404e handle case where subject = NULL but keyid is set 2012-02-20 12:12:31 +01:00
Andreas Steffen 81ce0cf67e libtnccs is required by the eap_tnc plugin 2012-02-20 09:04:02 +01:00
Andreas Steffen f8b1b32768 charon does not depend on libtncif any more but tnc_tnccs does 2012-02-20 08:00:48 +01:00
Andreas Steffen 05f421b7d3 build libstrongswan if libimcv is built 2012-02-16 23:28:38 +01:00
Andreas Steffen a54cf814e6 version bump to 4.6.2 2012-02-16 00:10:36 +01:00
Andreas Steffen 1b9c613b77 fixed attest sql query in list_measurements() 2012-02-15 23:13:05 +01:00
Tobias Brunner a190ec0ac5 Compiler warnings fixed. 2012-02-14 16:09:44 +01:00
Tobias Brunner 0f7d381cfe pluto: Print expiry time more properly. 2012-02-14 09:38:00 +01:00
Tobias Brunner 7efde9011e pluto: Drop support for legacy PSK format.
Any line in ipsec.secrets starting with " or ' was treated as PSK
without ID selectors by pluto.  This prevented it from supporting DNs
like "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org" as
ID selectors.

PSKs defined in this legacy format can easily be updated by changing

"thisIsASecret"

into

: PSK "thisIsASecret"
2012-02-08 13:36:32 +01:00
Andreas Steffen e01751035e completed imc/imv-attestation settings 2012-02-07 22:11:51 +01:00
Andreas Steffen 2af22e1135 adapted debug output check in openssl-ikev2/rw-eap-tls-only scenario 2012-02-07 20:31:17 +01:00
Martin Willi ae10ee6d0b Double check if a cached suite is available, overwrite any old suite state 2012-02-07 11:42:57 +01:00
Tobias Brunner b96eb46d5c Some Doxygen fixes. 2012-02-07 11:20:46 +01:00