f35578acb1
Renamed 'use' database column as that is a keyword in MySQL.
...
Reported by Stefan Tomas.
2011-09-01 09:59:37 +02:00
d0e1b237be
Properly remove listener when listen() times out
2011-08-31 16:50:06 +02:00
e59a50009c
starter passes unresolved DNS names to charon
...
Based on an initial patch by Mirko Parthey.
2011-08-29 09:58:18 +02:00
88d180c7d8
Fix file descriptor leak
...
Credit goes to "cppcheck".
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
2011-08-29 09:10:28 +02:00
f50ee82573
Remove redundant assignment
...
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
2011-08-29 09:10:28 +02:00
848567fdf2
Fix file descriptor leak on error
...
Credit goes to cppcheck.
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
2011-08-29 09:10:28 +02:00
8e3f14baab
bus->listen() and the controller wrappers accept a timeout to wait for callbacks
2011-08-26 10:44:25 +02:00
4a2ecc4147
support optional SSL passphrase for Axis2/C connection
2011-08-24 21:27:34 +02:00
071903235a
Register manager of pkcs11 plugin as library object
2011-08-24 15:45:59 +02:00
a8bbdb1f26
log entry for outbound hash-and-url
2011-08-24 06:05:44 +02:00
2fee7bfe87
auto-detect OS name
2011-08-23 07:54:15 +02:00
3f455c739d
Added a certexpire empty_string option
2011-08-22 18:42:33 +02:00
e64fdfa172
Implemented CSV export functionality in certexpire plugin
2011-08-22 18:42:33 +02:00
d2aeb8fdfd
Added generic cron style callback execution to certexpire plugin
2011-08-22 18:42:33 +02:00
f4bdc6a3aa
Cache trustchain lifetimes for export
2011-08-22 18:42:33 +02:00
b274f20a1d
Register a certexpire listener collecting trustchain information
2011-08-22 18:42:33 +02:00
87ddfcc655
Added missing auth_rule_names
2011-08-22 18:42:32 +02:00
c991645ff5
Moved auth_rule_names back to auth_cfg.c
2011-08-22 18:42:32 +02:00
ba2201edf0
Added plugin stub of certexpire plugin
2011-08-22 18:42:32 +02:00
bff1025201
Don't rekey but delete CHILD_SA to resying against NATed Windows clients
2011-08-19 09:16:17 +02:00
f54bcf35af
Sync newer IKE_SA condition/extension flags in ha plugin
2011-08-19 09:16:16 +02:00
61cf9f512c
Try to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute
2011-08-19 09:16:16 +02:00
5c0ab65cae
shortened XAUTH and UNITY attribute short names
2011-08-16 23:37:09 +02:00
f69f067958
fix double delete of old IKE_SA during reauthentication
2011-08-16 23:25:45 +02:00
a022f0863d
increased message buffer to cope with NCP's innumerable UNITY Configuration Payloads
2011-08-16 23:22:20 +02:00
65d5f6bc2b
some more typos
2011-08-15 21:43:26 +02:00
7ebf021d37
typos: initator->initiator, authenticaion->authentication.
2011-08-15 16:31:04 +02:00
19e12db79c
pluto: Some whitespace cleanup.
2011-08-15 15:53:26 +02:00
6224a34481
converted libimcv into a dynamic library
2011-08-14 09:27:43 +02:00
756fd15f55
version bump to 4.6.0dr3
2011-08-14 09:26:21 +02:00
49c03672a3
updated strongswan.conf
2011-08-12 18:11:32 +02:00
7e85bbda19
implement MAP client certificate authentication
2011-08-12 15:16:05 +02:00
c7b8512cc0
cosmetics
2011-08-12 13:18:49 +02:00
537205fa9d
implemented enforcement-report metadata
2011-08-12 13:16:02 +02:00
ae8a984b5a
use EAP identity
2011-08-12 11:34:56 +02:00
d6a69acba4
defined mapping of IKEv2 identity types to IF-MAP identity types
2011-08-12 11:07:29 +02:00
9af9c6772b
If we close a duplicate SA, it is also no authentication failure.
2011-08-12 10:11:39 +02:00
d9eaecd373
If local authentication fails, it is not really a peer auth failure.
2011-08-12 10:04:02 +02:00
ccbe380377
Throw an alert if authentication of the peer fails (not only for initiator).
2011-08-12 10:04:02 +02:00
7ab19d571d
Throw an alert when the peer address cannot be resolved during initiation.
2011-08-12 09:59:27 +02:00
ff4b25f9b7
Throw an alert via bus_t when remote authentication fails.
2011-08-12 09:59:27 +02:00
d0a9173ec9
support capability metadata
2011-08-11 15:06:19 +02:00
45048eae23
Verify that executables are available and set (pluto|charon)start accordingly.
...
Some distributions enable both daemons but then distribute the
executables in two separate packages. If only one package is installed
but both daemons are enabled in ipsec.conf, starter will try to start
the non existing daemon over and over again, and will each time readd
the configs to the other daemon.
2011-08-11 13:38:05 +02:00
92a1b234b4
version bump to 4.6.0dr2
2011-08-11 07:56:42 +02:00
535798cfe3
added tnc-ifmap attributes to manpage
2011-08-10 15:58:18 +02:00
5a2e2e0b8c
version bump to 4.6.0dr1
2011-08-10 09:29:35 +02:00
3205e3be7a
define server_cert in strongswan.conf
2011-08-10 09:29:35 +02:00
dcae107b5a
getting rid of axis2.html configuration
2011-08-10 09:29:34 +02:00
9d690477c9
output PEP device addresses as metadata
2011-08-10 09:29:34 +02:00
e37f1fd6b7
classify an EAP identity as a username
2011-08-10 09:29:34 +02:00
Tobias Brunner