Andreas Steffen
|
dbc45e90d4
|
fixed memory leak by calling curl_slist_free_all(headers)
|
2007-03-09 16:08:28 +00:00 |
|
Andreas Steffen
|
bb225522c7
|
whitelisting static Curl_getaddrinfo() memory leak
|
2007-03-09 16:07:22 +00:00 |
|
Andreas Steffen
|
5455cf230f
|
fixed a certinfo_t memory leak in verify()
|
2007-03-09 14:59:28 +00:00 |
|
Andreas Steffen
|
d45d2f1e21
|
fixed a memory leak in response_t
|
2007-03-09 14:44:34 +00:00 |
|
Andreas Steffen
|
1bcb84605f
|
ocsp signer certificate and ocsp response signature can be verified
|
2007-03-08 23:29:04 +00:00 |
|
Martin Willi
|
f5fbad4a62
|
fixed memleaks when using EAP authentication
fixed configuration payloads when using EAP
|
2007-03-08 22:56:14 +00:00 |
|
Martin Willi
|
5744d3e777
|
fixed payload order (again)
|
2007-03-08 20:21:17 +00:00 |
|
Martin Willi
|
1216db7e8b
|
including peers certificate when his certreq is empty
|
2007-03-08 20:19:24 +00:00 |
|
Martin Willi
|
e5a7f1cd08
|
implemented cookies as initiator
proper logging of notifies in IKE_SA setup
|
2007-03-08 20:18:39 +00:00 |
|
Martin Willi
|
bb32e76c3a
|
disabling routing for IPv6, does not work correctly
|
2007-03-08 20:17:34 +00:00 |
|
Andreas Steffen
|
162afac75f
|
fixed call of add_auth_certificate()
|
2007-03-08 19:44:14 +00:00 |
|
Andreas Steffen
|
33d108de22
|
generalized get_ca_certificate() to get_auth_certificate(auth_flags)
|
2007-03-08 18:56:43 +00:00 |
|
Andreas Steffen
|
54645fb275
|
added fetcher_finalize() to clean up libcurl
|
2007-03-08 17:00:32 +00:00 |
|
Martin Willi
|
8b8dd69dee
|
some cleanups
not installing %any DNS servers
|
2007-03-08 16:58:59 +00:00 |
|
Andreas Steffen
|
8d0cd21a01
|
support of setting and getting authority flags
|
2007-03-08 16:48:16 +00:00 |
|
Andreas Steffen
|
9149635ffa
|
support if ocsp signing certificates
|
2007-03-08 16:47:18 +00:00 |
|
Andreas Steffen
|
9f4039755d
|
support if ocsp signing certificates
|
2007-03-08 16:46:50 +00:00 |
|
Martin Willi
|
3b7fdcf6c6
|
fixed payload order in IKE_AUTH
|
2007-03-08 15:59:21 +00:00 |
|
Martin Willi
|
069f01cfef
|
removed SHA2 kernel proposals from default, the kernel doesn't support them yet
|
2007-03-08 15:18:51 +00:00 |
|
Martin Willi
|
f007a70055
|
allocation fixes, not complete
|
2007-03-08 14:41:30 +00:00 |
|
Martin Willi
|
2c7fe7f530
|
handling "No policy found" properly
|
2007-03-08 14:41:09 +00:00 |
|
Martin Willi
|
0cde6c412b
|
added more debugging output for policy lookup
returning a (dummy) policy even when TS does not match, so we can properly send a TS_UNACCEPTABLE
|
2007-03-08 14:40:15 +00:00 |
|
Martin Willi
|
9b8b3e5f5c
|
fixed CHILD_SA creation within existing IKE_SA
|
2007-03-08 12:28:10 +00:00 |
|
Andreas Steffen
|
95f6a18fc7
|
added ocsp_parse_single_response
|
2007-03-08 00:35:20 +00:00 |
|
Martin Willi
|
49e8ac052d
|
ported changes from EAP branch, renabling EAP framework
|
2007-03-08 00:27:43 +00:00 |
|
Martin Willi
|
3c6337793f
|
added (not yet supported) sha2 algorithms to kernel
only adding a route if using tunnel mode
|
2007-03-08 00:17:57 +00:00 |
|
Martin Willi
|
9aa20fdae8
|
added SHA2 MAC and PRF to default proposal
|
2007-03-08 00:16:33 +00:00 |
|
Martin Willi
|
ea235d388e
|
added more debug output
|
2007-03-08 00:15:15 +00:00 |
|
Martin Willi
|
3243e90188
|
experimental SHA2 HMAC and PRF implementations
|
2007-03-08 00:14:17 +00:00 |
|
Andreas Steffen
|
40695383ae
|
parsing basic ocsp response
|
2007-03-08 00:13:15 +00:00 |
|
Andreas Steffen
|
08d42d3994
|
forgot to assign public.is_ocsp_signer() method
|
2007-03-07 23:31:03 +00:00 |
|
Andreas Steffen
|
4eacb268a0
|
added parsing level to x509_create_from_chunk()
|
2007-03-07 22:58:25 +00:00 |
|
Andreas Steffen
|
8dfb0a31b5
|
added parsing level to x509_create_from_chunk() and added is_ocsp_signer() method
|
2007-03-07 22:57:50 +00:00 |
|
Andreas Steffen
|
78703918aa
|
http post fetching using libcurl implemented
|
2007-03-07 19:28:03 +00:00 |
|
Andreas Steffen
|
bdfff62db9
|
added fetcher.h and fetcher.c
|
2007-03-07 14:13:01 +00:00 |
|
Andreas Steffen
|
6a65758a80
|
added
|
2007-03-07 14:12:36 +00:00 |
|
Andreas Steffen
|
a7d67e77a1
|
corrected @ingroup to utils
|
2007-03-07 14:11:47 +00:00 |
|
Andreas Steffen
|
62a8ee10c3
|
corrected comment
|
2007-03-07 14:11:02 +00:00 |
|
Andreas Steffen
|
dd82ca4dcc
|
start ocsp checking only if there are any ocspuris present
|
2007-03-07 13:22:07 +00:00 |
|
Andreas Steffen
|
0d1f911065
|
conntrack -F is used to flush the NAT states
|
2007-03-07 04:45:12 +00:00 |
|
Andreas Steffen
|
26ad49c8e7
|
the hostaccess=yes parameters are not needed anymore
|
2007-03-07 04:44:25 +00:00 |
|
Andreas Steffen
|
854b4e4460
|
use conntrack -F to flush NAT states
|
2007-03-07 04:29:13 +00:00 |
|
Andreas Steffen
|
764804739f
|
replaced actual virtual IP addresses by symbolic ones
|
2007-03-07 04:28:34 +00:00 |
|
Andreas Steffen
|
74d1b5e5b0
|
removed unnecessary double quotes
|
2007-03-07 04:27:32 +00:00 |
|
Andreas Steffen
|
817fecddc9
|
nonce in ocsp_t was not properly initialized
|
2007-03-07 04:22:21 +00:00 |
|
Andreas Steffen
|
7687c463da
|
ocsp request is now fully built but without requestor signature
|
2007-03-07 03:39:40 +00:00 |
|
Andreas Steffen
|
45fe480e87
|
starting to build ocsp request
|
2007-03-06 23:05:44 +00:00 |
|
Martin Willi
|
2540992a06
|
prevent from initiating multiple exchanges the same time
|
2007-03-06 22:17:53 +00:00 |
|
Martin Willi
|
915c065d61
|
updated apidoc documentation
|
2007-03-06 22:17:21 +00:00 |
|
Martin Willi
|
c676f2e2a6
|
fixed notify handling in IKE_AUTH
moved nonce payload before TS in CHILD_SA setup
|
2007-03-06 20:58:39 +00:00 |