ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
5,288 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

5288 Commits

Author SHA1 Message Date
Martin Willi f90d465ce2 Added addrblock plugin to RFC3779 test cases 2010-07-13 10:26:07 +02:00
Martin Willi 1f457546c1 Added revocation plugin to ikev2 crl/ocsp test cases 2010-07-13 10:26:07 +02:00
Martin Willi e57a29c731 Moved X509 ipAddrBlock checking to the addrblock plugin 2010-07-13 10:26:07 +02:00
Martin Willi be715344c2 Added a hook to narrow traffic selectors for CHILD_SAs 2010-07-13 10:26:07 +02:00
Martin Willi 88fa56b1ad Moved bus_t to METHOD/INIT macros 2010-07-13 10:26:07 +02:00
Martin Willi 1c8c924610 Moved addrblock plugin to libcharon 2010-07-13 10:26:07 +02:00
Martin Willi c2e5cee413 Moved CRL/OCSP checking to a dedicated plugin called revocation 2010-07-13 10:26:07 +02:00
Martin Willi c1f9dad672 Made some useful methods in the credential manager public 2010-07-13 10:26:07 +02:00
Martin Willi 5f9e62c54f Moved X509 addrBlock validation to a separate addrblock plugin 2010-07-13 10:26:07 +02:00
Martin Willi 2feb16f5dd Added a certificate validation hook to the credential manager 2010-07-13 10:26:07 +02:00
Martin Willi c3a9bef08e Migrated credential manager to INIT/METHOD macros 2010-07-13 10:26:07 +02:00
Martin Willi 2ccc02a4fd Moved credential manager to libstrongswan 2010-07-13 10:26:07 +02:00
Martin Willi 2ca7db1337 Move pathlen constraint checking to X509 specific checks 2010-07-13 10:26:06 +02:00
Martin Willi 5db798c8e0 Charon uses a generic trunstchain length limit, not only for X509 certificates 2010-07-13 10:26:06 +02:00
Martin Willi 01bb70e4ad Combined the OCSP/CRL options to a signle Online check option 2010-07-13 10:26:06 +02:00
Andreas Steffen d5f29da3d2 added mark, mark_in, and mark_out to the ipsec.conf.5 man page 2010-07-13 09:15:53 +02:00
Andreas Steffen c1918dc28f we need some ordering 2010-07-12 22:44:27 +02:00
Andreas Steffen c13a4b4030 changed ordering of statusattr output 2010-07-12 22:38:18 +02:00
Andreas Steffen bb021fbbc9 updated ikev2/ip-two-pools-db scenario to support pool and identity based dns attributes 2010-07-12 20:54:40 +02:00
Andreas Steffen 1cecc6a6ef fixed alignment of caption 2010-07-12 20:48:14 +02:00
Andreas Steffen ab635e029e updated SQL templates to support attribute pool and identity parameters 2010-07-12 20:28:34 +02:00
Andreas Steffen cb0a9d58a3 output identities correctly 2010-07-12 20:28:34 +02:00
Andreas Steffen 5047fe7ad3 added second example scenario 2010-07-12 20:28:34 +02:00
Tobias Brunner dcb4651d8c apidoc is actually a directory not a file. 2010-07-12 15:28:55 +02:00
Tobias Brunner af7b34b13b Added missing pool parameter in DHCP attribute provider. 2010-07-12 12:27:49 +02:00
Martin Willi 52f97c3893 Do not interpret long class attributes (such as from NPS) as group 2010-07-09 13:53:43 +02:00
Martin Willi cfa1c07604 Group membership constraint is fulfilled if subject is member in one of the groups 2010-07-09 13:51:58 +02:00
Heiko Hund ec7adea007 Added support for named attribute groups 
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
 2010-07-09 13:09:31 +02:00
Andreas Steffen db4ad736be transport reqid, mark_in and mark_out in whack message 2010-07-09 12:19:39 +02:00
Andreas Steffen f65e0dc80f added ikev2/net2net-psk-dscp2 DiffServ scenario 2010-07-09 11:55:01 +02:00
Andreas Steffen 9f94906815 added ikev2/nat-two-rw-mark-in-out scenario 2010-07-09 09:36:03 +02:00
Andreas Steffen bcf608c848 some changes to the ikev2/nat-two-rw-mark scenario 2010-07-09 09:35:02 +02:00
Andreas Steffen 26c4d0102a configuration of different marks for inbound and outbound direction 2010-07-09 09:06:07 +02:00
Martin Willi 6f07f5e3d4 The file logger supports a time prefix using a strftime() format specifier 2010-07-08 17:44:19 +02:00
Martin Willi 4cc9afe35f Print identity to a lease address on the same line for simpler greping 2010-07-08 17:44:19 +02:00
Martin Willi 6c4cd8fa15 Implemented missing bypass_socket() method in load-testers faked kernel interface 2010-07-07 10:01:32 +02:00
Andreas Steffen a729d17afa added req parameter to ipsec.conf man page 2010-07-06 20:32:33 +02:00
Martin Willi 4f99093235 Show mallinfo() data in statusall, if available 2010-07-06 16:28:25 +02:00
Martin Willi 380106ab0d Avoid relocking while enumerator is alive 2010-07-06 16:28:25 +02:00
Tobias Brunner f395f28e44 Added missing markt_t in load tester, also migrated to INIT/METHOD macros. 2010-07-06 09:29:18 +02:00
Tobias Brunner 83b23011de Some Doxygen fixes. 2010-07-05 15:04:30 +02:00
Tobias Brunner 8f7e8e075a Fixed typo. 2010-07-05 14:53:56 +02:00
Martin Willi a4c0da1669 Added support for group membership information containted in the RADIUS class attribute 2010-07-05 09:41:04 +02:00
Martin Willi 4172574bfb Use the group constraint in a more generic fashion, not only for attribute certificates 2010-07-05 09:41:04 +02:00
Martin Willi 53913d764e Use the responder side configured EAP-Identity directly, if given 2010-07-05 09:41:04 +02:00
Martin Willi ec6caa1367 Copy EAP specific attributes to auth config only 2010-07-05 09:41:04 +02:00
Tobias Brunner 43ab542b66 Disable EAP-GTC on Android. 
The EAP-GTC plugin does not compile due to its dependency on PAM.
 2010-07-05 09:40:26 +02:00
Andreas Steffen ec40c02ad2 added IKEv2 xfrm marks support to NEWS 2010-07-03 22:14:45 +02:00
Andreas Steffen 36b3c0a8dd regenerated loop intermediate CA certificates 2010-07-03 18:18:30 +02:00
Andreas Steffen 342fc85e9e added ikev2/nat-two-rw-mark scenario 2010-07-03 13:25:09 +02:00