Tobias Brunner
fff4b74db2
Bye bye Pluto!
...
Charon will take over IKEv1 duties from here. This also removes
libfreeswan and whack.
2012-06-11 17:33:32 +02:00
Andreas Steffen
1527307ec9
version bump to 5.0.0rc1
2012-06-09 14:05:08 +02:00
Tobias Brunner
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
Adrian-Ken Rueegsegger
04024b5de8
Add nonce plugin implementation
...
This nonce generator uses an RNG to generate nonces. The RNG quality is
currently set to RNG_WEAK which is the same value used in IKE init.
The plugin is enabled and thus built by default.
2012-05-18 08:15:40 +02:00
Tobias Brunner
0aa90701f6
It seems charon-nm has to be linked against libnm-util.
...
That's at least the case for NetworkManager 0.9.4 in Ubuntu 12.04.
2012-05-03 15:17:57 +02:00
Tobias Brunner
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
Tobias Brunner
1c7a733e36
Added a small libcharon wrapper intended to directly host the nm plugin.
...
For this reason it reclaims the --enable-nm configure option.
2012-05-03 13:38:14 +02:00
Tobias Brunner
94b48e071a
Provide plugin list from charon, not internally in libcharon.
2012-05-03 13:14:07 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Andreas Steffen
501c163859
version bump to 4.6.3
2012-04-30 09:48:21 +02:00
Andreas Steffen
6c97b16333
version bump to 4.6.3rc2
2012-04-22 17:41:20 +02:00
Andreas Steffen
e90e106117
version bump to 4.6.3rc1
2012-04-05 09:11:47 +02:00
Tobias Brunner
c0d39c205c
Implemented AES-CMAC based PRF and signer.
...
The cmac plugin implements AES-CMAC as defined in RFC 4493 and the
signer and PRF based on it as defined in RFC 4494 and RFC 4615,
respectively.
2012-04-03 10:40:47 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
85fc1eb640
Added an XAuth plugin that forwards authentication to EAP methods
2012-03-20 17:31:28 +01:00
Martin Willi
e51a28fda8
Added a --disable-ikev2 option to disable IKEv2 support in charon
2012-03-20 17:31:26 +01:00
Tobias Brunner
3d44d735c6
Added generic XAuth backend, using secrets provided by credential sets.
2012-03-20 17:31:17 +01:00
Tobias Brunner
41e1e435d9
Removed xauth-null dummy plugin.
2012-03-20 17:31:17 +01:00
Andreas Steffen
8c583c110e
version bump to 5.0.0dr1
2012-03-20 17:31:11 +01:00
Clavister OpenSource
4394d96844
IKEv1 XAuth: Added a "NULL" XAuth plugin which sends a hardcoded user/pass, and blindly accepts whatever user/pass is sent it. Changed the xauth_request task to use this new plugin. Add --enable-xauth-null to your configure line to build with the new plugin.
2012-03-20 17:31:11 +01:00
Tobias Brunner
ccdd3a4cee
Added configure option for the IKEv1 implementation in charon.
2012-03-20 17:30:39 +01:00
Andreas Steffen
584178c3bb
version bump to 4.6.3dr2
2012-03-16 22:21:54 +01:00
Andreas Steffen
c224f7654d
version bump to 4.6.3dr1
2012-03-14 07:45:35 +01:00
Andreas Steffen
21b0f216b9
created libradius shared by eap-radius and tnc-pdp plugins
2012-03-13 16:27:17 +01:00
Andreas Steffen
70fd2d1af7
created tnc-pdp policy decision point plugin
2012-03-13 16:27:16 +01:00
Martin Willi
0853ff39c5
Build libradius if radattr plugin is enabled
2012-03-05 18:08:04 +01:00
Martin Willi
caf4b88efc
Added a radattr plugin that prints any received RADIUS notify to console
2012-03-05 18:08:04 +01:00
Martin Willi
f0f94e2ce6
Moved generic RADIUS protocol support to a dedicated libradius
2012-03-05 18:08:04 +01:00
Andreas Steffen
f3d6b9c88c
added missing x character
2012-02-21 16:29:35 +01:00
Andreas Steffen
81ce0cf67e
libtnccs is required by the eap_tnc plugin
2012-02-20 09:04:02 +01:00
Andreas Steffen
f8b1b32768
charon does not depend on libtncif any more but tnc_tnccs does
2012-02-20 08:00:48 +01:00
Andreas Steffen
05f421b7d3
build libstrongswan if libimcv is built
2012-02-16 23:28:38 +01:00
Andreas Steffen
a54cf814e6
version bump to 4.6.2
2012-02-16 00:10:36 +01:00
Andreas Steffen
b3cbc53893
version bump to 4.6.2rc1
2012-02-05 22:24:56 +01:00
Andreas Steffen
2a77a27213
version bump to 4.6.2dr4
2012-02-02 18:26:12 +01:00
Tobias Brunner
5ec525c1d1
Added PKCS#8 stub plugin.
2012-02-01 18:27:45 +01:00
Martin Willi
023800ba62
Build libstrongswan if libfast gets built
2012-01-24 18:23:44 +01:00
Tobias Brunner
17e3a92661
Fix gettid() on Android, which is defined in unistd.h there.
2012-01-12 11:08:22 +01:00
Tobias Brunner
66f16d9629
Use native gettid() if available (which is the case on Android).
2012-01-10 18:31:33 +01:00
Andreas Steffen
cb4da3f610
register aik certificate via ipsec attest
2011-12-25 14:31:26 +01:00
Andreas Steffen
005d981cc2
check for TrouSerS
2011-12-18 18:26:38 +01:00
Tobias Brunner
c17f6f96e2
Log native thread ID when a thread is created.
...
If possible gettid() is used, otherwise pthread_self() is logged (which is
not completely portable, but seems to work on most supported platforms).
2011-12-16 16:44:38 +01:00
Andreas Steffen
0e94ae1286
Revert "fixed caption alignment"
...
This reverts commit d463def798
.
2011-12-16 14:19:14 +01:00
Andreas Steffen
d463def798
fixed caption alignment
2011-12-16 14:15:46 +01:00
Andreas Steffen
bc74e1aaf0
version bump to 4.6.2dr2
2011-12-12 10:38:23 +01:00
Andreas Steffen
b448e3ece6
moved attestation plugins to libpts in order to resolve circular reference with libimcv
2011-11-28 21:23:59 +01:00
Andreas Steffen
602122771e
automatically construct attest plugin list
2011-11-28 21:23:24 +01:00
Andreas Steffen
28ca456426
version bump to 4.6.2dr1
2011-11-28 06:01:03 +01:00
Andreas Steffen
acb92cb44c
version bump to 4.6.1
2011-11-08 21:00:09 +01:00
Andreas Steffen
74d165a94b
version bump to 4.6.0
2011-11-02 09:30:45 +01:00
Andreas Steffen
b08505da70
tnc-tnccs plugin is now included in integrity tests
2011-10-31 23:30:06 +01:00
Tobias Brunner
b3b3613c60
pkcs11: Register the pkcs11 plugin before any other crypto plugins.
...
This is what most users probably expect when they enable the pkcs11
plugin. All advanced features (like DH/RNG) are disabled by default.
2011-10-31 18:46:16 +01:00
Andreas Steffen
75093db66a
version bump to 4.6.0rc3
2011-10-26 09:17:57 +02:00
Andreas Steffen
f0a8bf47f7
refactored TNC framework
2011-10-25 01:10:16 +02:00
Andreas Steffen
f0fa002fd1
moved imc_manager to libtnccs
2011-10-25 01:10:16 +02:00
Andreas Steffen
e4e96e5c67
fixed type
2011-10-22 12:31:09 +02:00
Andreas Steffen
41273bfbee
version bump to 4.6.0rc2
2011-10-22 12:29:37 +02:00
Tobias Brunner
adab84533e
starter: Use kernel interfaces to flush SAD and SPD.
...
This now supports platforms where neither 'ip xfrm' nor 'setkey' are
available (like Android).
2011-10-21 14:24:34 +02:00
Tobias Brunner
f3a682c1ff
starter: Load plugins specific to starter.
2011-10-21 14:24:34 +02:00
Tobias Brunner
d52c37790e
pluto: Option added to disable adns.
...
This basically disables opportunistic encryption.
2011-10-14 17:36:20 +02:00
Tobias Brunner
9a8fdc159a
Added a replacement for closefrom (available on *BSD).
2011-10-13 11:19:12 +02:00
Tobias Brunner
2421ac9e98
getpass(3) is not supported on Android.
...
No replacement yet.
2011-10-11 16:30:20 +02:00
Andreas Steffen
0ea9772b9e
version bump to 4.6.0dr5
2011-10-05 21:04:07 +02:00
Tobias Brunner
439cb93ce9
Check for RTA_TABLE in configure.
2011-10-04 18:46:51 +02:00
Martin Willi
3946821937
Load eap-aka plugin before shared simaka helpers depending on it
2011-09-26 13:43:38 +00:00
Andreas Steffen
07534f8998
version bump to 4.6.0dr4
2011-09-13 23:32:37 +02:00
Andreas Steffen
3ed943c34f
created libpts
2011-09-08 12:20:58 +02:00
Andreas Steffen
f5f19c334b
removed conflicts
2011-09-08 12:08:09 +02:00
Andreas Steffen
4a492a8d1f
created empty imc_attestation and imv_attestation plugin hulls
2011-09-08 12:08:08 +02:00
Martin Willi
f9a0f55657
Check if ClearSilver actually requires zlib
2011-09-02 13:40:38 +02:00
Martin Willi
ba2201edf0
Added plugin stub of certexpire plugin
2011-08-22 18:42:32 +02:00
Andreas Steffen
756fd15f55
version bump to 4.6.0dr3
2011-08-14 09:26:21 +02:00
Andreas Steffen
92a1b234b4
version bump to 4.6.0dr2
2011-08-11 07:56:42 +02:00
Andreas Steffen
5a2e2e0b8c
version bump to 4.6.0dr1
2011-08-10 09:29:35 +02:00
Andreas Steffen
c77af76807
created tnc-ifmap plugin
2011-08-10 09:29:33 +02:00
Andreas Steffen
25ea6c1542
version bump to 4.5.3
2011-08-01 19:15:01 +02:00
Andreas Steffen
4b30589724
version bump to 4.5.3rc1
2011-07-14 23:27:07 +02:00
Andreas Steffen
19db8e9eff
install IMC and IMV dynamic libraries in imcvs directory
2011-07-06 21:53:40 +02:00
Tobias Brunner
60d62b9e5c
Don't install the libraries directly in lib/.
...
Instead use a subdirectory (prefix/lib/ipsec by default). Also moved the
plugins from libexec to a subdirectory of that dir.
2011-07-05 14:42:14 +02:00
Andreas Steffen
7dc1ff73c1
version bump to 4.5.3dr8
2011-07-05 07:37:36 +02:00
Andreas Steffen
d9cdab9249
added ITA Scanner IMC/IMV pair which detects open server ports on TNC clients
2011-07-04 21:40:25 +02:00
Andreas Steffen
d6b6a1615e
version bump to 4.5.3dr7
2011-06-29 16:51:33 +02:00
Andreas Steffen
32af7f32ea
version bump to 4.5.3dr6
2011-06-27 22:35:20 +02:00
Andreas Steffen
91a7703bc4
version bump to 4.5.3dr5
2011-06-19 23:27:43 +02:00
Martin Willi
6fe53bde24
We actually need to link against libz, as neo libraries are often static
...
This reverts commit 3c0630a797
.
2011-06-15 12:23:21 +02:00
Andreas Steffen
d97f870048
version bump to 4.5.3dr4
2011-06-10 07:45:40 +02:00
Andreas Steffen
b000bb42f9
version bump to 4.5.3dr3
2011-06-05 14:55:18 +02:00
Andreas Steffen
7c4d4d209d
make IMC/IMV pairs independent of libcharon
2011-06-01 16:33:44 +02:00
Martin Willi
91b9bc3e0f
Load af-alg with higher priority
2011-06-01 12:03:44 +02:00
Martin Willi
3c0630a797
libfast does not depend on zlib directly, clearsilver can be built without compression support
2011-06-01 12:03:44 +02:00
Andreas Steffen
3208d8a73c
do not checksum IMC/IMV plugins
2011-06-01 09:22:12 +02:00
Andreas Steffen
71ad779801
fixed location of imc_test/imv_test Makefiles
2011-06-01 08:02:16 +02:00
Andreas Steffen
5d179d1999
version bump to 4.5.3dr2
2011-05-31 06:22:42 +02:00
Andreas Steffen
510f37abd4
implemented the RFC 5792 PA-TNC protocol and an example IMC/IMV pair
2011-05-30 21:30:09 +02:00
Andreas Steffen
13eeb1d22a
version bump to 4.5.3dr1
2011-05-25 21:34:22 +02:00
Tobias Brunner
617061072b
Renamed option to enable unit tests as plugin is named unit-tester.
...
To correctly enable a plugin the names used in the ARG_ENABL_SET and
ADD_PLUGIN macros have to match (and they have, of course, to match the
plugin's name).
2011-05-24 19:28:54 +02:00
Martin Willi
8ed3c9fba5
Enable strict-aliasing warnings, we should really get rid of them
2011-05-24 12:04:35 +02:00
Martin Willi
afd53de627
Add md5 to script plugins
2011-05-20 10:08:57 +02:00
Andreas Steffen
d6fc82c12e
version bump to final 4.5.2
2011-05-14 17:12:50 +02:00
Andreas Steffen
82b43847f5
version bump to 4.5.2rc2
2011-05-08 17:56:05 +02:00