6d1b4b6baf
Version bump to 5.2.0dr1
2014-04-15 09:20:38 +02:00
266fcdce2b
Version bump to 5.1.3
2014-04-14 15:18:38 +02:00
c0efaaebe3
tls: Create a unit-test runner
2014-04-01 14:28:55 +02:00
dbd4fc074a
openac: Remove obsolete openac utility
...
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
5ac0e66879
acert: Implement a plugin finding, validating and evaluating attribute certs
...
This validator checks for any attribute certificate it can find for validated
end entity certificates and tries to extract group membership information
used for connection authorization rules.
2014-03-31 11:14:58 +02:00
6e8c665a51
pki: Add acert and extend pki/print manpages
2014-03-31 11:14:58 +02:00
045f25fc81
Version bump to 5.1.3rc1
2014-03-26 22:00:00 +01:00
4ffe02a75d
configure: Add an option to select a specific printf hook implementation
2014-03-20 15:49:05 +01:00
0e6f3a380a
configure: Add an option to enable all optional features/plugins
...
This has probably no real practical use, but it simplifies testing.
2014-03-20 15:29:27 +01:00
1c26ce2dc3
configure: Reorder and group feature options
2014-03-20 15:29:27 +01:00
9483f8ec59
Version bump to 5.1.3dr1
2014-03-07 21:56:34 +01:00
af15c71bfb
configure: Fix autoreconf with older autotools
...
Older autoconf versions (e.g. on CentOS 6.5) produce an empty else block
for the removed empty argument, which the shell then trips over when
executing ./configure.
Fixes #536 .
2014-03-03 17:14:26 +01:00
1d252e9dec
Version bump to 5.1.2
2014-02-27 22:46:52 +01:00
2ed241aeb3
utils: Add memrchr(3) replacement for platforms that don't support it
...
For instance, on Mac OS X memrchr(3) is not provided by the C library.
2014-02-26 11:05:07 +01:00
8f57961f4c
Version bump to 5.1.2rc2
2014-02-17 12:02:23 +01:00
7573a7ed56
conf: Only install config snippets for enabled components
2014-02-12 14:34:34 +01:00
c4bb26b849
conf: Split strongswan.conf(5) man page and use generated snippet
2014-02-12 14:34:33 +01:00
91cc523ca7
conf: Generate strongswan.conf(5) man page in different directory
2014-02-12 14:34:33 +01:00
1b98f85821
conf: Generate and install config sippets for option descriptions
...
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00
c75acc4c44
conf: Install strongswan.conf template from a separate directory
2014-02-12 14:34:33 +01:00
b3613c49a2
array: Add fallback for qsort_r using thread-local value
...
Cygwin for example does not support qsort_r.
2014-02-12 14:34:33 +01:00
132b00ce02
array: Add array_sort function
2014-02-12 14:34:33 +01:00
37374a292a
chunk: Provide a fallback chunk_map() if mmap is not available
2014-01-23 15:55:32 +01:00
2d7852d29a
configure: Add -Wno-format-security to default CFLAGS
...
Either due to a change in Ubuntu 13.10 or GCC 4.8 -Wno-format has no
effect if -Wformat-security is enabled (which it is on Ubuntu) so we
also disable the latter by default.
2014-01-23 10:08:53 +01:00
800b361e19
Version bump to 5.1.2rc1
2014-01-16 01:47:34 +01:00
f74c8be19b
Version bump to 5.1.2dr3
2014-01-13 12:12:52 +01:00
bced16ee11
Version bump to 5.1.2dr2
2013-12-06 10:10:24 +01:00
d33df7ed51
charon-tkm: Abort if gprbuild binary is not found
2013-12-04 10:42:03 +01:00
146ad86be5
Prototype implementation of IKE key exchange via NTRU encryption
2013-11-27 20:21:40 +01:00
228db0433d
configure: Remove obsolete --enable-unit-tests option
2013-11-27 18:35:44 +01:00
194b69f0b8
Version bump to 5.1.2dr1
2013-11-19 10:27:07 +01:00
20c99edab9
android: Remove dependency on libvstr
2013-11-13 11:40:47 +01:00
6531afb557
automake: Don't use parallel test harness being the default with automake 1.13
...
We have no need for the parallel test harness, and we prefer to have the output
of make check on the console
2013-11-06 10:30:59 +01:00
c501c78c5f
Version bump to 5.1.1
2013-10-31 09:42:15 +01:00
2077d996a9
utils: Provide a fmemopen(3) fallback using BSD funopen()
2013-10-24 13:17:05 +02:00
8e8e97d10d
kernel-netlink: Check existence of linux/fib_rules.h, don't include it in distribution
...
This reverts commit b0761f1f0a
2013-10-18 09:52:54 +02:00
b638c131de
dnscert: Add DNS CERT support for pubkey authentication
...
Add DNSSEC protected CERT RR delivered certificate authentication.
The new dnscert plugin is based on the ipseckey plugin and relies on the
existing PEM decoder as well as x509 and PGP parsers. As such the plugin
expects PEM encoded PKIX(x509) or PGP(GPG) certificate payloads.
The plugin is targeted to improve interoperability with Racoon, which
supports this type of authentication, ignoring in-stream certificates
and using only DNS provided certificates for FQDN IDs.
2013-10-11 15:45:42 +02:00
ec6ad6b086
pool: Move the pool utility to its own directory in src
2013-10-11 15:16:05 +02:00
cabe5c0ff4
printf-hook-builtin: Add a new "builtin" backend using its own printf() routines
...
Overloads printf C library functions by a self-contained implementation,
based on klibc. Does not yet feature all the required default formatters,
including those for floating point values.
2013-10-11 11:06:02 +02:00
4524e128f8
Version bump to 5.1.1rc1
2013-10-11 09:53:42 +02:00
f4dd49a5fd
Version bump to 5.1.1dr4
2013-09-17 10:57:46 +02:00
21626bdf77
pki: Add support to encode public keys in SSH key format
2013-09-13 15:23:49 +02:00
a3232fa802
pki: Load dnskey plugin to encode public keys in RFC 3110 format
2013-09-13 15:23:48 +02:00
0dc8ba8779
pki: Install pki(1) as utility directly in $prefix/bin
...
ipsec pki is maintained as alias.
2013-09-13 15:07:36 +02:00
b068c4ec9d
pki: Add pki --verify man page
2013-09-13 15:07:36 +02:00
4adeaa5eb9
pki: Add pki --pub man page
2013-09-13 15:07:36 +02:00
a319eff80d
pki: Add pki --print man page
2013-09-13 15:07:35 +02:00
e69fd30538
pki: Add pki --keyid man page
2013-09-13 15:07:35 +02:00
558771400e
pki: Add pki --pkcs7 man page
2013-09-13 15:07:35 +02:00
bb8e2e1759
pki: Add pki --req man page
2013-09-13 15:07:35 +02:00
Andreas Steffen