Martin Willi
0b04bdde30
Added a DPD option for load-tester
2011-05-16 15:24:14 +02:00
Martin Willi
015c15688c
Don't simulate traffic on load-tester kernel interface
2011-05-16 15:24:14 +02:00
Martin Willi
c726b1a6a5
Show how many threads are active in each class in statusall
2011-05-16 15:24:14 +02:00
Martin Willi
a694b481ee
Added a statusallnb stroke command to show status non-blocking
2011-05-16 15:24:14 +02:00
Martin Willi
a1bf879a43
Added preshared_key/eap_password load_tester options to set custom credentials
2011-05-16 15:24:14 +02:00
Martin Willi
ac96ca80eb
Added initiator/responder_id load tester options to enforce different identities
2011-05-16 15:24:14 +02:00
Martin Willi
187bf24e4d
Migrated load_tester_config to INIT/METHOD macros
2011-05-16 15:24:13 +02:00
Martin Willi
8e67b5413c
Migrated load_tester_creds to INIT/METHOD macros
2011-05-16 15:24:13 +02:00
Martin Willi
e13819507e
Fix load tester shared key enumerator, provide dedicated EAP password
2011-05-16 15:24:13 +02:00
Martin Willi
69c3eca0e9
Added a non-blocking, skipping variant of IKE_SA enumerator
2011-05-16 15:24:13 +02:00
Martin Willi
c73d4f53f5
Processor job scheduling respects job priority classes
2011-05-16 15:24:13 +02:00
Martin Willi
dfe9bad981
Added a stroke memusage command to show memory usage
2011-05-16 15:22:21 +02:00
Andreas Steffen
19ae24f0ea
fixed whitelist enabling
2011-05-14 17:09:45 +02:00
Andreas Steffen
706ae005c6
do not call recommendations if recs does not exist
2011-05-14 16:36:05 +02:00
Andreas Steffen
cc546c3ce6
Restrict IMCs and IMVs to call SendMessage()
2011-05-14 13:31:16 +02:00
Martin Willi
6fd23444ea
Disable whitelist plugin by default
2011-05-12 09:07:14 +02:00
Duncan Salerno
4b6ebf9995
Protect the communication with the SIM card during a transaction from access by a second application
2011-05-12 06:20:11 +02:00
Andreas Steffen
e8a512f800
protection against insane IMCs and IMVs
2011-05-11 19:34:01 +02:00
Andreas Steffen
261d5f22db
terminate imc/imv that couldn't be initialized properly
2011-05-10 07:03:50 +02:00
Andreas Steffen
bb6b2fbb81
lock the set_message_types() method for imvs
2011-05-09 16:46:08 +02:00
Andreas Steffen
375ac27609
cosmetics
2011-05-09 16:46:08 +02:00
Andreas Steffen
d6eec513f1
adapted state_machine for retry batches
2011-05-09 00:49:36 +02:00
Andreas Steffen
ff30e06bf0
lock the set_message_types() method
2011-05-07 17:51:53 +02:00
Andreas Steffen
2c3464af46
added missing comma
2011-05-07 10:22:57 +02:00
Andreas Steffen
50a43c79a6
refactored tnccs->remove_connection()
2011-05-06 15:13:05 +02:00
Martin Willi
33bad71ce9
Accept name fields in EAP-MD5 messages
2011-05-02 09:57:58 +02:00
Andreas Steffen
083fe967e5
adapted debug output
2011-04-28 13:28:40 +02:00
Andreas Steffen
7d39f3e1b9
log unsupported IMC_IMV message types
2011-04-28 02:27:08 +02:00
Andreas Steffen
e7f21e33b1
list registered TNCCS message types
2011-04-28 01:35:45 +02:00
Andreas Steffen
6ab1a83059
Migrated eap_sim_file to INIT/METHOD macros
2011-04-22 11:30:42 +02:00
Andreas Steffen
406051ea4e
fixed segmentation fault due to null pointer
2011-04-22 10:11:16 +02:00
Andreas Steffen
2778b6644b
do not include length field in non-fragmented EAP-PEAP packets
2011-04-21 19:52:49 +02:00
Andreas Steffen
c223ccd174
Win 7 accepts compressed EAP Identity request
2011-04-21 19:52:49 +02:00
Andreas Steffen
20c428b670
added level 3 debug output of forwarded EAP payloads
2011-04-21 19:52:49 +02:00
Martin Willi
f9a552f011
Resolve and connect to RADIUS servers not before required
2011-04-21 14:01:25 +02:00
Martin Willi
5b0bcfb1fc
Revert alloc_str changes
...
This reverts commit fdead26ffe
.
This reverts commit 3e2419ebe3
.
This reverts commit 17ce69b47a
.
2011-04-21 13:35:31 +02:00
Martin Willi
3e2419ebe3
Use thread save settings alloc_str function where appropriate
2011-04-21 10:48:16 +02:00
Martin Willi
4778655726
Cast size_t len arguments to %.*s to int
2011-04-20 13:08:32 +02:00
Martin Willi
98788537be
Synchronize ESN support in HA plugin
2011-04-20 12:26:58 +02:00
Martin Willi
4876d4f3b3
Added an esn parameter to the kernel interface add_sa functions
2011-04-20 12:26:57 +02:00
Tobias Brunner
dd0696ec8e
Use strncpy when reading smartcard keyids from ipsec.secrets.
2011-04-19 18:00:16 +02:00
Tobias Brunner
c8bb9a2ec6
Fixed typo in unit-tester plugin.
2011-04-19 13:48:49 +02:00
Andreas Steffen
733813c7fb
send an empty EAP Ack client message if TLS was successful and handle it on the server
2011-04-15 15:02:39 +02:00
Andreas Steffen
ad5033a67c
Windows 7 expects an uncompressed EAP Identity request
2011-04-15 15:02:39 +02:00
Martin Willi
2b3c87b49a
Set broadcast flag in DHCP requests when sending broadcasts
2011-04-15 13:00:23 +02:00
Martin Willi
f0331baf1a
Added reload support to eap-radius plugin
2011-04-15 10:07:13 +02:00
Martin Willi
c55818ebb0
Added a (not yet implemented) plugin_t method to reload plugin configuration
2011-04-15 10:07:13 +02:00
Martin Willi
787b5884aa
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
2011-04-15 10:07:12 +02:00
Martin Willi
6e2791715b
Migrated remaining plugin_t implementations to INIT/METHOD macros
2011-04-15 10:07:12 +02:00
Tobias Brunner
b0fd7d1482
Proper cleanup if IDs in ipsec.secrets cannot be parsed.
2011-04-14 18:11:45 +02:00
Tobias Brunner
e51cae33a9
Fix compiler warnings at creation of CRL cache filenames.
...
This was not really a problem because ptr is the first member of a chunk_t
and it contains a null-terminated string at that point. But it's clearer
this way.
2011-04-14 18:10:27 +02:00
Tobias Brunner
aee071ed8b
Fixed check for member of stroke_msg_t in pop_string.
...
Because of the cast to char** the length of the message was multiplied
by sizeof(char*), i.e. 4 or 8 bytes (depending on the architecture) instead
of by 1 (sizeof(char)).
2011-04-13 18:18:03 +02:00
Duncan Salerno
be4caf7d3e
fixed bit mask
2011-04-07 21:41:41 +02:00
Andreas Steffen
e4444c7b4a
define MSCHAPv2 as default phase2 algorithm for EAP-PEAP
2011-04-06 20:07:59 +02:00
Andreas Steffen
30c42831a0
allow multi-pass authentication schemes as e.g. MSCHAPv2
2011-04-06 19:39:00 +02:00
Andreas Steffen
c98ed04de0
display EAP identifiers in HEX format
2011-04-06 17:34:27 +02:00
Andreas Steffen
0ef9744123
no EAP identifier offset required in build() function
2011-04-06 17:33:01 +02:00
Andreas Steffen
915aa1f198
added missing function pointers in eap_identity_create_server()
2011-04-06 15:47:49 +02:00
Andreas Steffen
1be296dfb2
implemented the PEAP tunneling protocol as an EAP plugin
2011-04-06 14:42:02 +02:00
Andreas Steffen
0e83847088
added get|set_identifier() methods to eap_tnc_t
2011-04-06 07:50:42 +02:00
Andreas Steffen
555a8ca238
added EAP identifier to debug output
2011-04-05 20:53:46 +02:00
Andreas Steffen
934216df2d
added get|set_identifier() methods to eap_tls_t and eap_ttls_t
2011-04-05 18:35:22 +02:00
Andreas Steffen
2e44a2753f
eap_packet_t definition moved to libstrongswan/eap/eap.h
2011-04-05 18:04:45 +02:00
Andreas Steffen
dcfb8177b3
implemented get|set_identifier() for eap_sim_t
2011-04-05 17:01:28 +02:00
Andreas Steffen
125fadb3e0
Migrated eap_sim plugin to INIT/METHOD macros
2011-04-05 16:12:38 +02:00
Andreas Steffen
ab5e087309
implemented get|set_identifier() for eap_radius_t
2011-04-05 15:57:00 +02:00
Andreas Steffen
07313dbe38
store EAP identifier on peer side
2011-04-05 15:45:51 +02:00
Andreas Steffen
1b80fdd9e0
implemented get|set_identifier() for eap_aka_t
2011-04-05 15:40:20 +02:00
Andreas Steffen
b5240b7c64
Migrated eap_aka plugin to INIT/METHOD macros
2011-04-05 15:20:22 +02:00
Andreas Steffen
05aa206dcd
implemented get|set_identifier() for eap_gtc_t
2011-04-05 14:47:19 +02:00
Andreas Steffen
e053961dcc
Migrated eap_gtc plugin to INIT/METHOD macros
2011-04-05 14:44:26 +02:00
Andreas Steffen
4ea837d951
implemented get|set_identifier() for eap_mschapv2_t
2011-04-05 14:44:09 +02:00
Andreas Steffen
dae5a088c5
Migrated eap_mschapv2 plugin to INIT/METHOD macros
2011-04-05 14:23:59 +02:00
Andreas Steffen
689f887147
implemented get|set_identifier() for eap_identity_t and eap_md5_t
2011-04-05 14:22:58 +02:00
Martin Willi
ce9352b3d7
Migrated eap_sim_pcsc plugin to INIT/METHOD macros
2011-04-04 09:31:45 +02:00
Martin Willi
13d72e90c1
Slightly reformatted SIM pcsc code
2011-04-04 09:21:54 +02:00
Duncan Salerno
80dca77a50
Added SIM card backend based on pcsc-lite
2011-04-04 08:51:50 +02:00
Andreas Steffen
7aa2d1ca49
log TNC PEP decision with level 0
2011-03-25 12:49:05 +01:00
Martin Willi
952fb7b5a1
Increase whitelist message identity buffer to 128 bytes
2011-03-23 14:18:15 +01:00
Andreas Steffen
16ee58e036
TNC server did not issue a TNC_CONNECTION_STATE_HANDSHAKE NotifyConnection message
2011-03-19 16:43:22 +01:00
Martin Willi
f8d2f903bf
Added a strongswan.conf "enabled" option for duplicheck plugin
2011-03-17 17:34:11 +01:00
Martin Willi
c236b214f2
Added strongswan.conf and runtime option to enable/disable whitelist plugin
2011-03-17 17:15:16 +01:00
Andreas Steffen
25ed5672a6
initiate or route all child configs if they have different names from their parent peer config
2011-03-04 07:02:31 +01:00
Andreas Steffen
ea1c20d14b
initiate or route child configs which don't have a peer config of the same name
2011-03-01 22:24:19 +01:00
Andreas Steffen
a2ebc1bd69
put DN in double quotes
2011-03-01 22:19:59 +01:00
Martin Willi
007c47088c
Implemented permanent certificate coupling plugin
2011-02-28 16:39:40 +01:00
Martin Willi
0d6d992589
Update duplicheck entry during IKE rekeying
2011-02-28 15:37:18 +00:00
Martin Willi
b85be69079
Remove entry from active duplicate list only if it was not in checking
2011-02-28 15:37:18 +00:00
Martin Willi
ee0f53e189
Added an example application listening to duplicheck notifications
2011-02-28 15:37:18 +00:00
Martin Willi
3883150779
Notify duplicate detections over a UNIX sockets to listening applications
2011-02-28 15:37:18 +00:00
Martin Willi
3e74ebbecc
Added an advanced duplicate checking plugin with liveness check of old SA
2011-02-28 15:37:18 +00:00
Martin Willi
c893bf7e5c
Added a whitelist command line utility to control whitelist plugin
2011-02-28 15:00:46 +01:00
Martin Willi
53f2a7c712
Added a UNIX socket based control backend to whitelist plugin
2011-02-28 15:00:46 +01:00
Martin Willi
5e603aba4e
Implemented a in-memory peer identity whitelist plugin
2011-02-28 15:00:46 +01:00
Andreas Steffen
d390b3b901
[hopefully] fixed pathlen problem on ARM platforms
2011-02-10 15:51:18 +01:00
Andreas Steffen
f04d1c2dfe
replaced ipsec up %startall command by start_action job
2011-02-09 22:27:04 +01:00
Tobias Brunner
feb8ada613
maemo: Create DBUS service file with correct path to charon.
2011-02-08 15:17:36 +01:00
Martin Willi
234955d1ea
Check for libxml when building tnccs_11, use autoconf libxml CFLAGS/LIBS
2011-02-08 11:11:01 +01:00
Martin Willi
91f8ce562d
tnccs_11 does not link against libtls, just uses its headers
2011-02-08 11:09:27 +01:00
Martin Willi
6ccb23e80b
Whitespace cleanups in tnc code
2011-02-08 11:03:10 +01:00