Commit Graph

2044 Commits

Author SHA1 Message Date
Tobias Brunner ed05a1a3b7 'signal' is a keyword in MySQL 5.5 2012-11-07 12:37:23 +01:00
    Fixes #251.
Tobias Brunner 214c081dd6 Log sent vendor IDs for IKEv1 2012-11-02 15:52:19 +01:00
Tobias Brunner 531f32d62a Compiler warning fixed 2012-11-02 15:39:51 +01:00
Martin Willi 6e8f88dba3 Exclude dynamic TS from Unity Split-Include attributes 2012-10-30 09:14:44 +01:00
Tobias Brunner f30962de74 Fixed log message when no shared secret is found during IKEv1 Main Mode 2012-10-29 10:04:37 +01:00
Tobias Brunner f48e727232 Remove all ESP proposals with non-matching DH group during Quick Mode 2012-10-24 16:09:42 +02:00
    According to RFC 2409, section 5.5, if PFS is used all proposals MUST
    include the selected DH group, so we remove proposals without the
    proposed group and remove other DH groups from the remaining proposals.
Tobias Brunner 4eba7269b8 proposal_t.strip_dh() takes a DH group to keep, using MODP_NONE will remove all 2012-10-24 16:09:42 +02:00
Tobias Brunner f05b427265 Moved debug.[ch] to utils folder 2012-10-24 16:00:51 +02:00
Tobias Brunner 12642a6831 Moved data structures to new collections subfolder 2012-10-24 16:00:49 +02:00
Tobias Brunner fdee6b5f5a Moved packet_t and tun_device_t to networking folder 2012-10-24 15:06:18 +02:00
Tobias Brunner 2e7cc07ecd Moved host_t and host_resolver_t to a new networking subfolder 2012-10-24 15:06:18 +02:00
Martin Willi c4894cc172 Send certificate requests in load-tester 2012-10-24 13:25:45 +02:00
Martin Willi 0f3c5f8502 Add load-tester traffic selector configuration options 2012-10-24 13:25:13 +02:00
Martin Willi 1efd6c6f2a Make use of new CIDR string ts constructor where appropriate 2012-10-24 13:25:08 +02:00
Martin Willi aa51d5dd25 Increase the limit of acceptable IKEv1 CERTREQ payloads to 20 2012-10-24 13:07:53 +02:00
Martin Willi 4ce55ffb0b Use explicit, larger buffer sizes for smartcard keyids and modules 2012-10-24 13:07:53 +02:00
Martin Willi 794d713dca Support loading cacert certificates in ipsec.conf ca sections from smartcard 2012-10-24 13:07:53 +02:00
Martin Willi 2abe404927 Refactored stroke smartcard token parsing, support module and slot in leftcert option 2012-10-24 13:07:53 +02:00
Martin Willi 9687cb5100 Load ipsec.conf %smartcard leftcerts with pkcs11 builder 2012-10-24 13:07:52 +02:00
Martin Willi 7ee16e4b85 Only add an implicit PRF based on the MAC alg if no PRF given in proposal 2012-10-24 11:49:37 +02:00
Martin Willi a7f5eb1035 Add an interactive mode in lookip tool, demonstrate lasting connections 2012-10-24 11:43:34 +02:00
Martin Willi 9d422bb1b0 Send a lookip NOT_FOUND reply if a lookup yields no results 2012-10-24 11:43:34 +02:00
Martin Willi f6fb2b98e9 lookup function of lookip listener returns the number of matches 2012-10-24 11:43:34 +02:00
Martin Willi 31576ceddf Handle multiple lookip connections using a single FDSET 2012-10-24 11:43:34 +02:00
Martin Willi 28683ef137 Renamed list to store listening lookip clients 2012-10-24 11:43:34 +02:00
Martin Willi bae50c7393 Handle client subscriptions in lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi 7650dd9a4f Add a lookip server side UNIX socket processing LOOKUP and DUMP requests 2012-10-24 11:43:34 +02:00
Martin Willi d59e6db614 Add a simple command line utility to query the lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi 7877c463ea Defined on-the-wire format used on lookip socket 2012-10-24 11:43:34 +02:00
Martin Willi 1edaa79c06 Add a lookip function to register virtual IP notification listeners 2012-10-24 11:43:34 +02:00
Martin Willi 9c54b445e2 Add a lookup method to lookip plugin, using a callback to invoke 2012-10-24 11:43:34 +02:00
Martin Willi 2caa27d42e Add a lookip listener that collects the information we are interested in 2012-10-24 11:43:34 +02:00
Martin Willi e0d7c1eda7 Add a lookip plugin stub to lookup connections by virtual IP 2012-10-24 11:43:33 +02:00
Martin Willi 0c4b9f7cda Add a "ipsec listcounters" command to stroke 2012-10-24 11:34:31 +02:00
Martin Willi f9332e0a8b Add a print method for stroke counters 2012-10-24 11:34:31 +02:00
Martin Willi fc4d1568d1 Add stroke message type counters 2012-10-24 11:34:30 +02:00
Martin Willi 5715af7508 Add stroke counters for invalid IKE messages 2012-10-24 11:34:30 +02:00
Martin Willi 81e0e10344 Add stroke CHILD_SA rekeying counter 2012-10-24 11:34:30 +02:00
Martin Willi a32a8d4a67 Add stroke IKE rekey counters 2012-10-24 11:34:30 +02:00
Martin Willi 418f4bc7a5 Raise a bus alert when IKE message body parsing fails 2012-10-24 11:34:30 +02:00
Martin Willi 2b95ab7620 Raise a bus alert when IKE message header parsing fails 2012-10-24 11:34:30 +02:00
Martin Willi f6f16131d0 Raise a bus alert when a received message contains unknown SPIs 2012-10-24 11:34:30 +02:00
Martin Willi 47904e3c74 Define stroke counter types to implement 2012-10-24 11:34:11 +02:00
Martin Willi 8554895b95 Add a stub for IKE event counters in stroke 2012-10-24 11:34:11 +02:00
Martin Willi b2265a2738 Add a load-tester option to define the IKE version to use for testing 2012-10-24 10:19:33 +02:00
Martin Willi e19b23e0b9 Remove peer_cfg IKE version matching, as it is done in ike_cfg matching 2012-10-24 10:19:33 +02:00
Martin Willi 7910116384 Respect IKE version while selecting an ike_cfg as responder 2012-10-24 10:19:33 +02:00
Martin Willi 1fdd62ffce Remove version argument on peer_cfg constructor, use ike_cfg version instead 2012-10-24 10:19:33 +02:00
Martin Willi 9fc7cc6f9b Add IKE version information to ike_cfg_t 2012-10-24 10:18:35 +02:00
Martin Willi cf62d073f1 Move ike_version_t definition from peer_cfg_t to ike_cfg_t 2012-10-24 10:17:36 +02:00