Commit Graph

5648 Commits

Author SHA1 Message Date
Martin Willi 9e2c88b98d Use a m4 helper macro to build plugin lists 2010-08-12 13:14:32 +02:00
Martin Willi 8bec0f5153 Implemented Smartcard support in NetworkManager frontend 2010-08-11 16:32:04 +02:00
Martin Willi 01e4f5f32f Implemented public key encryption/private key decryption in PKCS#11 2010-08-11 12:12:37 +02:00
Martin Willi aea735ef63 Discard a packet that exceeds the receive buffer 2010-08-11 10:52:59 +02:00
Martin Willi 10a2e09b55 Added a strongswan.conf option to change socket receive buffer size 2010-08-11 10:48:17 +02:00
Martin Willi 4ec53e95f5 Double check that the OpenSSL RNG has been seeded, do so otherwise 2010-08-11 10:12:50 +02:00
Martin Willi d775af9d18 Implemented RSA en-/decryption in openssl plugin 2010-08-11 09:53:45 +02:00
Andreas Steffen 133accfcfd differentiate between TLS messages and EAP-[T]TLS packets in the debug output 2010-08-10 19:02:05 +02:00
Martin Willi 07d2b39123 Parse important extendedKeyUsage flags in openssl plugin 2010-08-10 18:46:31 +02:00
Martin Willi a0a8aaaf4f Parse UPN subjectAltName in openssl plugin 2010-08-10 18:46:31 +02:00
Martin Willi 772cba39e4 Parse UPN subjectAltNames in x509 plugin 2010-08-10 18:46:31 +02:00
Martin Willi 82f62a7447 Added Microsoft OID for user principal name (UPN) subjectAltNames 2010-08-10 18:46:31 +02:00
Martin Willi 3d711a68fb Added a stroke command to export cached x509 certificates to the console 2010-08-10 18:46:30 +02:00
Martin Willi a944d2092b Use bits instead of bytes for a private/public key 2010-08-10 18:46:30 +02:00
Martin Willi 33ddaaabec Added support for different encryption schemes to private/public keys 2010-08-10 18:46:30 +02:00
Martin Willi 3547a9b87d Migrated agent plugin to INIT/METHOD macros 2010-08-10 18:46:30 +02:00
Martin Willi 57202484e4 Migrated remaining classes in openssl plugin to INIT/METHOD macros 2010-08-10 18:46:30 +02:00
Martin Willi 646babd354 Migrated gcrypt plugin to INIT/METHOD macros 2010-08-10 18:46:30 +02:00
Martin Willi 876b61e132 Migrated gmp plugin to INIT/METHOD macros 2010-08-10 18:46:30 +02:00
Tobias Brunner 6432669fa2 Added support for early and late calls to Vstr wrappers.
That is, prevent a SIGSEGV if Vstr wrappers are called before printf_hook_t
is initialized and after it is destroyed.
2010-08-10 13:00:20 +02:00
Martin Willi 478eb66030 Fixed settings lookup if the section/key contains dots, second try 2010-08-09 14:30:16 +02:00
Andreas Steffen 3810afa9f9 log final TLS acknowledgement packet 2010-08-08 19:14:53 +02:00
Andreas Steffen ded59df4fc added level 2 debug info on sent TLS packets 2010-08-07 11:26:04 +02:00
Andreas Steffen ab47a7924b log EAP-TTLS version 2010-08-07 11:26:04 +02:00
Andreas Steffen a622c6d019 fixed typo 2010-08-07 11:26:04 +02:00
Andreas Steffen a6444fcdd4 EAP-TLS and EAP-TTLS use different constant MSK PRF label 2010-08-07 11:26:04 +02:00
Andreas Steffen b4d30a425e support server authentication only for EAP-TTLS 2010-08-07 11:26:04 +02:00
Andreas Steffen 26eb9b2d17 added eap_ttls plugin configuration 2010-08-07 11:26:04 +02:00
Tobias Brunner fa9f101345 Properly initialize libstrongswan in _copyright.
This is required if libvstr is used.
2010-08-06 19:56:42 +02:00
Tobias Brunner 7c3dd613d7 Added missing Vstr wrappers for asprintf. 2010-08-06 19:56:42 +02:00
Martin Willi 7c03d707a5 Create a PKCS#11 session public key if we don't find one 2010-08-06 17:32:32 +02:00
Martin Willi fed9407bb1 Implemented PKCS#11 RSA public key for keys found on a token 2010-08-06 17:02:41 +02:00
Martin Willi babed73257 Export scheme_to_mechanism conversion function 2010-08-06 17:02:01 +02:00
Martin Willi a02784da5d Load certificate after enumeration 2010-08-06 17:00:23 +02:00
Jiri Bohac 30d8e8d04d fix error-type range in parsing of NOTIFY payloads 2010-08-06 11:47:35 +02:00
Andreas Steffen fd8ad4198d added TTLS to EAP short names, too 2010-08-06 06:06:40 +02:00
Andreas Steffen f32e56bbce added EAP_TTLS method 2010-08-05 21:01:39 +02:00
Andreas Steffen 6ac797ad3a added ikev2/rw-eap-tls-radius 2010-08-05 19:28:06 +02:00
Martin Willi 37d2d7e158 Whitespace cleanups 2010-08-05 13:58:49 +02:00
Martin Willi e85bca7f22 Use certificate subject to get a public key of the TLS server 2010-08-05 13:13:45 +02:00
Andreas Steffen 6b717cc28d no need for strongSwan VID since the EAP_ONLY notification has been officially registered with IANA 2010-08-05 12:47:09 +02:00
Tobias Brunner edb82ab8ae Some Doxygen fixes. 2010-08-05 11:53:53 +02:00
Andreas Steffen 7ea87db00d added some more TLS debug output 2010-08-05 09:51:05 +02:00
Andreas Steffen 7030e3950a fixed type in cipher suite list build 2010-08-05 01:26:10 +02:00
Andreas Steffen 4657b3a42a log selected TLS version and cipher suite 2010-08-05 01:21:59 +02:00
Andreas Steffen 289c9ac3d7 log TLS handshake messages in debug level 2 2010-08-04 16:55:55 +02:00
Tobias Brunner 744b83c7c9 Fixed loading of secrets with IDs.
Since the ID string is manually terminated by a null character, write
permission is required for the mmapped ipsec.secrets.
2010-08-04 16:03:46 +02:00
Tobias Brunner dca2d89209 Fixed loading of private keys without password.
The chunk storing the password was not correctly initialized, resulting
in a segmentation fault when no password was specified in ipsec.secrets.
2010-08-04 14:22:48 +02:00
Tobias Brunner 83628fd600 Accept EAP_ONLY_AUTHENTICATION notifies from any client, now that IANA allocated an ID. 2010-08-04 12:58:53 +02:00
Andreas Steffen 8e7920eea1 generated aaa certificate 2010-08-04 12:44:47 +02:00