Andreas Steffen
d9d35d5911
added local CRLs
2006-06-14 12:41:37 +00:00
Andreas Steffen
71d277e468
added rekeying parameters
2006-06-14 12:41:17 +00:00
Andreas Steffen
b3b4c0e44b
corrected some descriptions
2006-06-13 11:33:13 +00:00
Andreas Steffen
3c846c630a
moved RSA key size constraints to definitions.h
2006-06-13 11:32:12 +00:00
Martin Willi
b7e3329f17
fixed down keyword
2006-06-13 10:11:45 +00:00
Martin Willi
fa32cd3c47
debug and logging improvements
2006-06-13 10:01:04 +00:00
Martin Willi
22ff6f578f
2006-06-13 10:00:19 +00:00
Andreas Steffen
64f4d91898
support for stroke listcerts|listcacerts|listcrls|listall
2006-06-12 08:47:28 +00:00
Andreas Steffen
5347233204
support for stroke listcerts|listcacerts|listall and left|rightca=
2006-06-12 08:43:46 +00:00
Andreas Steffen
299dbc604f
gperf creates optimum hash table for stroke keywords
2006-06-12 08:42:32 +00:00
Martin Willi
50f98119dd
using same reqid if a child sa rekeys an existing one
2006-06-12 08:36:41 +00:00
Andreas Steffen
fec9cb332f
NULL string argument is treated as %any
2006-06-12 08:26:14 +00:00
Andreas Steffen
bc35460db7
add_certificate() now returns pointer to added cert
2006-06-12 07:57:14 +00:00
Andreas Steffen
c4a7413e72
cosmetics
2006-06-12 07:55:37 +00:00
Andreas Steffen
016816b880
single tests now start up faster
2006-06-12 07:51:18 +00:00
Martin Willi
a2a3fb3e25
workaround for peers rekeying at the same time
...
loading lifetime policies from ipsec.conf
2006-06-12 07:33:20 +00:00
Martin Willi
695723d4e8
old child_sa gets deleted after rekeying
...
rekeying almost complete, but:
IKE_SA get in an invalid state when both initiate rekeying at the same time,
2006-06-09 15:12:43 +00:00
Andreas Steffen
2a13996de0
corrected type
2006-06-09 11:06:37 +00:00
Martin Willi
b543bef50c
improved kernel interface logging
2006-06-09 08:41:41 +00:00
Martin Willi
0bb32cb5f3
fixed clone/destroy behavior when not using CAs
2006-06-09 07:40:40 +00:00
Martin Willi
5c131a016b
specifying keysize in bits, as it is required in IKEv2
...
added generic kernel SA algorithm handling, which brings us:
aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
2006-06-09 07:31:30 +00:00
Andreas Steffen
b7f9ca5837
added support for leftsendcert= and left|rightca= parameters
2006-06-09 05:50:41 +00:00
Andreas Steffen
ac427e3677
discard cert if CA basic constraints flag is not set and warn if cert is not valide
2006-06-09 05:48:49 +00:00
Andreas Steffen
a612f2dd00
added public methods is_ca() and is_valid()
2006-06-09 05:47:00 +00:00
Andreas Steffen
5407d563b7
changed ASN.1 CONTROL log output to LEVEL2
2006-06-09 05:45:37 +00:00
Andreas Steffen
996865b09e
cosmetics
2006-06-09 05:44:34 +00:00
Martin Willi
180f924ba5
removed unused Makefile
2006-06-09 05:42:29 +00:00
Andreas Steffen
d521714c9a
stroke.h requires libstrongswan/types.h
2006-06-09 05:41:31 +00:00
Martin Willi
5238c9afef
fixed compile warnings when using -Wall
...
further CHILD_SA rekeying work done:
creation of a new CHILD_SA on a expire from a kernel works
delete of old CHILD_SA still missing
some issues when both initiate rekeing
2006-06-08 14:20:05 +00:00
Martin Willi
c0d63ac9db
updated INSTALL to conform with autotools
...
added a short HACKING introduction
2006-06-08 06:34:52 +00:00
Martin Willi
8d77eddec2
further work for rekeying:
...
get liftimes from policy
added new state
initiation of rekeying done
proposal redone:
removed support for AH+ESP proposals
2006-06-07 13:26:23 +00:00
Martin Willi
a401efd091
proper leak detective hook for realloc
...
excluded pthread_setspecific from leak detective
2006-06-07 13:22:38 +00:00
Martin Willi
6a030ba9ea
fixed a memleak
2006-06-07 05:54:09 +00:00
Andreas Steffen
0f2094930d
cosmetics
2006-06-06 06:24:04 +00:00
Andreas Steffen
71c80765a5
ipv6-host2host scenario added
2006-06-06 05:43:32 +00:00
Andreas Steffen
fc0afb6810
created IPv6 environment
2006-06-06 05:41:21 +00:00
Martin Willi
32b6500fbf
job management:
...
moved job code from thread_pool to job, jobs have an "execute" method now
added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
listens now for ACQUIRE & EXPIRE
supports hard and soft lifetimes
fires jobs for delete and rekey child sa
ike sa manager:
can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
2006-05-31 14:23:15 +00:00
Martin Willi
6f2aba1322
- fixed some memleaks/freebugs
...
- leak detective works almost usable now (?!)
2006-05-31 14:13:26 +00:00
Martin Willi
3b8af2ab60
- added host2host test for ikev2
2006-05-31 08:15:23 +00:00
Martin Willi
bd72398729
- fixed host-host tunnel traffic selection, host-host works now
2006-05-31 06:52:27 +00:00
Andreas Steffen
1df544d063
bug fixed circumventing an assertion in delete_connection when ikev1 is not set
2006-05-31 05:51:05 +00:00
Andreas Steffen
6848dac603
minimized prefixed on stroke logger output
2006-05-31 05:50:04 +00:00
Andreas Steffen
90ed2e8278
charon outputs strongSwan version
2006-05-31 05:48:32 +00:00
Andreas Steffen
ef8f5256d3
tests with subjectAltNames now
2006-05-31 05:47:30 +00:00
Martin Willi
2d6c3bce06
2006-05-30 14:56:12 +00:00
Martin Willi
b93782903f
- fixed event queue for events >36min
2006-05-30 13:22:46 +00:00
Martin Willi
8403b34bd9
2006-05-30 13:01:50 +00:00
Martin Willi
0773bdcf3f
- included charons module tests to build & dist
2006-05-30 13:00:18 +00:00
Andreas Steffen
6d5e617f7d
full support of ikev1 and ikev2 connection flags
2006-05-30 11:10:42 +00:00
Andreas Steffen
9db4f61476
cosmetics in log_status output
2006-05-30 11:07:14 +00:00