Thomas Egerer
59965aaf96
pluto: Securely wipe quick mode keys from memory.
...
Keying material is derived in two separate steps for local and remote
endpoint. This allows us to securely wipe local/remote secrets
separately, too -- a precondition to wipe quick mode keys from memory in
a secure fashion.
2011-05-10 15:39:00 +02:00
Tobias Brunner
2653c08513
pluto: Make sure connection name is null-terminated during DPD restart.
2011-04-19 13:48:51 +02:00
Martin Willi
3102d8669d
Use IV length of a crypter instead of block size for IV calculations
2010-08-13 17:11:53 +02:00
Martin Willi
0406eeaacb
Support different encoding types in certificate.get_encoding()
2010-07-13 13:53:20 +02:00
Martin Willi
da9724e6d0
Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding
2010-07-13 11:29:35 +02:00
Andreas Steffen
611368339b
do not destroy xauth_id if phase2 equals phase1 connection
2010-06-08 23:18:00 +02:00
Heiko Hund
52ee813156
inherit XAUTH identities in Phase 2
2010-06-08 12:15:42 +02:00
Andreas Steffen
03b5e4d8d7
refactoring of Mode Config functionality allows transport and handling of any attribute
2010-05-14 17:07:03 +02:00
Heiko Hund
d0f1b3b96f
fixed segfault in pluto with multiple ISAKMP SAs in delete payload
2010-04-20 21:23:05 +02:00
Andreas Steffen
d3d2b7390f
implemented inheritance of virtual IP assigned by Mode Config on the responder side
2010-04-11 19:19:20 +02:00
Tobias Brunner
71baf5a8f0
Adding support for AES GMAC (RFC4543).
2010-02-12 10:57:39 +01:00
Andreas Steffen
f565d0c575
merged pluto's PGP certificate parsing with charon's
2009-11-10 23:54:04 +01:00
Andreas Steffen
a86d534b4c
prepended all ISAKMP notification message types with ISAKMP_
2009-10-12 13:47:22 +02:00
Andreas Steffen
295e92fe36
fixed output of offered CA
2009-10-11 21:24:39 +02:00
Andreas Steffen
17722d4489
replaced struct id by identification_t
2009-10-10 21:19:38 +02:00
Andreas Steffen
0354d5703d
migrated public key IDs to identification_t
2009-10-08 11:25:43 +02:00
Andreas Steffen
ce2f2461e0
pluto and charon now have the same ipsec listall output format
2009-10-06 16:49:46 +02:00
Andreas Steffen
fc12e3cd2e
pluto now uses x509 plugin for attribute certificate handling
2009-10-05 07:24:28 +02:00
Andreas Steffen
eb4544f773
fixes multiple IPsec SAs with IKEv1 Mode Config
2009-10-01 09:41:35 +02:00
Andreas Steffen
c72080cea8
abbreviated struct connection by connection_t
2009-09-27 23:49:37 +02:00
Andreas Steffen
0eff9f6539
pluto and scepclient now use the x509 plugin for certificates
2009-09-27 23:09:30 +02:00
Andreas Steffen
b62ce860c1
enforce coding rules
2009-09-22 20:55:10 +02:00
Martin Willi
3b878dae7e
Removed chunk_from_buf() in favor of a simpler chunk_from_chars() macro
2009-09-11 15:39:35 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Martin Willi
de5784452b
use time_monotonic() instead of gettimeofday() for time difference calculations
2009-08-31 15:25:03 +02:00
Martin Willi
b4b68b64b8
updated pluto to new fingerprinting API
2009-08-26 11:23:52 +02:00
Andreas Steffen
acb34739e4
improved DPD error message
2009-07-22 22:30:21 +02:00
Andreas Steffen
540d02f6c0
pluto supports AES_CCM and AES_GCM ESP algorithms
2009-07-12 00:05:42 +02:00
Andreas Steffen
c71f212627
renamed OAKLEY_ECDSA_512 to OAKLEY_ECDSA_512
2009-06-13 15:16:49 +02:00
Andreas Steffen
8df811146d
fixed broken XAUTH authentication
2009-06-12 21:04:48 +02:00
Andreas Steffen
b34862b14e
not restricted to RSA public keys
2009-06-12 20:17:02 +02:00
Andreas Steffen
11e6d28533
pluto supports ECDSA authentication
2009-06-12 19:59:49 +02:00
Andreas Steffen
23d7e76788
hooray, pluto and scepclient do not depend on libgmp anymore
2009-06-09 11:03:34 +02:00
Andreas Steffen
d17a120598
fixed OpenPGP parsing
2009-06-09 11:03:33 +02:00
Andreas Steffen
8b799d55ce
pluto and scepclient use private and public key plugins of libstrongswan
2009-06-09 11:03:32 +02:00
Andreas Steffen
517895bd05
eliminated ipsec_policy.h
2009-05-26 17:19:26 +02:00
Andreas Steffen
8585af7acb
KE payload of ECP groups has X and Y coordinates
2009-05-24 18:06:49 +02:00
Andreas Steffen
52ccea657b
use the Diffie-Hellman functionality of libstrongswan
2009-05-24 11:26:00 +02:00
Andreas Steffen
42bdf001f0
updated copyright statements
2009-05-22 17:25:32 +02:00
Andreas Steffen
8cabe789a7
st_okley.hash contains hash algorithm
2009-05-15 19:10:42 +02:00
Andreas Steffen
8bdc0327fb
split encrypt/decrypt functionality of crypto_cbc()
2009-05-14 21:04:49 +02:00
Andreas Steffen
62975e30f0
fixed generation of IKEv1 key material
2009-05-07 22:42:45 +02:00
Andreas Steffen
ab87051f23
all hashes, hmacs and prfs use libstrongswan
2009-05-06 20:05:22 +02:00
Andreas Steffen
6eb9bc9bb8
SKEYID derivation based on libstrongswan
2009-05-05 14:28:31 +02:00
Andreas Steffen
bc2e33ca96
pluto and scepclient use the random plugin from libstrongswan
2009-04-30 18:31:48 +00:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Martin Willi
134c9d9db0
fixed a bunch of compiler warnings, pgp end certificate listing
2009-04-21 15:36:58 +00:00
Andreas Steffen
08b2d288a1
scepclient and pluto use asn1 from libstrongswan
2009-04-20 20:53:38 +00:00
Andreas Steffen
d41071802d
support of the enum printf_hook
2009-04-20 09:32:59 +00:00
Andreas Steffen
3d7a244b54
conversion from 8 spaces to 4 spaces per tab
2009-04-19 19:16:09 +00:00