Tobias Brunner
1adaa02bb2
merging kernel_pfkey plugin back from kernel-interface branch
2008-10-14 08:46:31 +00:00
Martin Willi
79a878466c
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
Martin Willi
aa9a300677
userland support to process notifies for new NAT mappings detected in UDP encapsulation
2008-10-07 07:55:28 +00:00
Andreas Steffen
09d7ef2614
added --disable-kernel-netlink configure option
2008-10-03 03:27:42 +00:00
Tobias Brunner
a341a68fac
merging renaming of mode_t to ipsec_mode_t back to trunk
2008-09-25 13:56:23 +00:00
Tobias Brunner
507f26f685
merging modularized kernel interface back to trunk
2008-09-25 07:56:58 +00:00
Martin Willi
eb3e27059b
use libcap for capability dropping
...
optional, must be enabled --with-capabilities=libcap
will be extended to support --with-capabilities=libcap2
2008-08-29 09:24:14 +00:00
Martin Willi
1caa265c61
a (incomplete) implementation of draft-sheffer-ikev2-gtc-00.txt using PAM
2008-08-21 12:10:07 +00:00
Martin Willi
6dbce9c803
reimplemented dbus plugin for NetworkManager 0.7, renamed to nm
2008-07-31 11:16:14 +00:00
Martin Willi
6b64fe2684
loading unit-tester plugin as the last one
2008-07-21 11:16:07 +00:00
Martin Willi
364fca2cee
fixed identation
2008-06-19 11:50:13 +00:00
Martin Willi
61c4638646
first simple prototype of a UCI configuration plugin for OpenWRT
2008-06-17 14:17:51 +00:00
Tobias Brunner
ea0823dffd
ECDSA with OpenSSL
2008-06-10 09:08:27 +00:00
Andreas Steffen
eaa1399812
fixed the strongswan.conf path
2008-05-22 21:59:30 +00:00
Martin Willi
da1bc5e860
fixed loading of smp plugin
2008-05-19 14:20:07 +00:00
Martin Willi
99968bf0a0
fixed plugin names of EAP modules
2008-05-16 12:14:48 +00:00
Martin Willi
1ba62b5562
loading default modules depending on configure options
2008-05-16 08:52:32 +00:00
Martin Willi
782db7edd1
prototype of mediation client database plugin
2008-05-14 07:26:19 +00:00
Martin Willi
5b7ec6d4e0
renamed med_db plugin to medsrv, as we will introduce an additional medcli client plugin
2008-05-08 12:11:30 +00:00
Martin Willi
82d8368bd7
build plugins after daemon/libstrongswan
2008-04-15 07:57:01 +00:00
Martin Willi
cdcfe777f4
implementation of an CFG attribute framework, currently supporting virtual IPs
...
updated ipsec.conf sourceip parameter to support
CIDR notatation to serve from a pool
%poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Martin Willi
9e72d3bcaf
defining ME globally, as we need it in plugins
2008-03-31 15:01:43 +00:00
Martin Willi
6b9290ff12
renamed xml plugin to smp to avoid confusion
...
added some dependency checks to configure
configure checks ClearSilver and fastcgi
cleanups in the build system here and there
2008-03-28 12:44:01 +00:00
Tobias Brunner
dc04b7c743
mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed
2008-03-26 18:40:19 +00:00
Martin Willi
dfd5cdcb88
cert_cache_t caches subject-issuer relations and subject certificates
...
ocsp/crl do not benefit yet due missing lookup function
2008-03-20 14:31:36 +00:00
Martin Willi
48acfe98ae
refactored trustchain verification, this should fix #33
...
moved auth_info/ocsp_response credset wrapper to separate files
2008-03-19 17:54:54 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
Andreas Steffen
663fedbe44
implemented IKEV2 EAP-SIM server and client test module that use triplets stored in a file. For details see the scenario 'ikev2/rw-eap-sim-rsa'
2008-02-04 14:52:06 +00:00
Martin Willi
26e2467692
ported EAP-AKA branch into trunk
2007-12-13 10:54:29 +00:00
Martin Willi
4b403e7672
merged EAP-MD5 into trunk
2007-12-12 14:29:10 +00:00
Martin Willi
cbfb2aff50
added more ./configure build options for
...
EAP-Identity module
ipsec tools (openac, scepclient)
optional charon/pluto build
charon stroke interface
2007-12-03 14:47:15 +00:00
Martin Willi
7805ad302d
moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload order)
2007-12-03 10:52:18 +00:00
Martin Willi
8e78e43220
added a "libcharon-" prefix to plugins to avoid conflicts
2007-12-03 09:03:22 +00:00
Martin Willi
733f336ad3
socket_t implementation withouth raw sockets
...
--disable-raw-socket configure option
prevents charon/pluto to run in parallel
2007-11-26 11:20:00 +00:00
Tobias Brunner
d5cc175833
experimental P2P-NAT-T for IKEv2 merged back from branch
2007-10-03 15:10:41 +00:00
Andreas Steffen
b4979ff724
removed some empty lines
2007-09-18 11:23:52 +00:00
Martin Willi
8f561d4409
prototype implemementation of an sqlite configuration backend
2007-09-18 07:12:21 +00:00
Martin Willi
17d92e9732
further MOBIKE stuff:
...
kernel properly reports network reconfiguration and informs all IKE_SAs
MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange
reestablishment of IKE_SAs on network reconfiguration kinda works
not stable yet!
2007-06-21 15:25:28 +00:00
Martin Willi
26424f03c3
proper reauthentication:
...
IKE_SA is closed completely before the new is initiated,
resolves some issues when a dynamic IP is requested from a pool
2007-06-14 08:13:05 +00:00
Martin Willi
9fe1a1ca76
introduced callback_job:
...
simple asynchronous method invocation
use daemons thread pool for all threads
proper cancellation and cleanups
cancellation mechanism to dynamically unload multithreaded code
unified event_queue and scheduler => scheduler
unified job_queue and thread_pool => processor
removed job_type_t, not really needed
fixes here, there and everywhere
2007-06-11 10:57:19 +00:00
Martin Willi
bcd887781a
removed route_job, handled all in interface_manager
2007-05-16 08:49:10 +00:00
Martin Willi
3cd3f48428
properly implemented interface_managers initiate, terminte_[ike|child]
...
proper thread release when stroke is CTRL+C'ed
fixed some permission issues
2007-05-09 12:33:08 +00:00
Andreas Steffen
9c53c47bde
added interface.h
2007-04-27 21:29:31 +00:00
Andreas Steffen
0f00a094b3
added writeable_backend.h
2007-04-27 20:58:45 +00:00
Andreas Steffen
bc1214096b
fixed typo
2007-04-27 18:13:57 +00:00
Martin Willi
a84fb01b96
restructuring of configuration backends
...
added propotypes of new control interfaces (xml & dbus)
introduced loadable:
configuration backends
control interfaces
using pluggable modules as in EAP
2007-04-27 14:25:08 +00:00
Martin Willi
04a7b6d868
added most problematic linux headers to distribution
...
other/real linux header may be selected using --with-linux-headers=dir
2007-04-19 08:59:36 +00:00
Martin Willi
3b138b8422
cleaned up apidoc
...
added some comments
removed configuration.[ch], as it does not make sense like it is
2007-04-11 07:20:39 +00:00
Martin Willi
e0fe765152
restructured file layout
...
new configuration structure:
peer_cfg: configuration related to a peer (authenitcation, ...=
ike_cfg: config to use for IKE setup (proposals)
child_Cfg: config for CHILD_SA (proposals, traffic selectors)
a peer_cfg has one ike_cfg and multiple child_cfg's
stroke now uses fixed count of threads
2007-04-10 06:01:03 +00:00
Martin Willi
4deb89485c
removed send_queue, handled internally in sender_t know
...
do header parsing in receiver, ready for cookie integration
2007-03-28 13:34:02 +00:00