Martin Willi
|
6bf1352032
|
fixed testing build
|
2006-06-21 12:58:02 +00:00 |
Martin Willi
|
b29bfa7c76
|
fixed whitelist detection
|
2006-06-20 11:03:47 +00:00 |
Martin Willi
|
986d23bd6e
|
reworked function ignore mechanism to not-report whitelist
rather than overriding functions
|
2006-06-20 10:05:56 +00:00 |
Martin Willi
|
13b8fa0e8d
|
fixed execv call args to work when using strictcrl and syslog
|
2006-06-20 10:04:35 +00:00 |
Martin Willi
|
5c6b5bf599
|
fixed bug: usage of already freed mem
|
2006-06-20 09:53:25 +00:00 |
Martin Willi
|
aed58dcc93
|
readded local_credential_store
added sendcert policy to connection
some other cleanups
|
2006-06-20 08:43:57 +00:00 |
Andreas Steffen
|
76dafed7a7
|
implemented rereadcrls rereadcacerts
|
2006-06-20 06:08:33 +00:00 |
Andreas Steffen
|
a8ed64c494
|
implemented rereadcrls rereadcacerts
|
2006-06-20 06:07:37 +00:00 |
Andreas Steffen
|
21b433c641
|
implemented rereadcrls rereadcacerts
|
2006-06-20 06:05:01 +00:00 |
Andreas Steffen
|
db959e6ea3
|
removed local_credential_store
|
2006-06-20 05:57:52 +00:00 |
Martin Willi
|
b965b8456b
|
fixed SPI when acting as initiator of rekeying
|
2006-06-19 09:27:14 +00:00 |
Martin Willi
|
c65a4fff3f
|
fixed SPI when rekeying and deleting CHILD_SAs
|
2006-06-19 08:54:19 +00:00 |
Martin Willi
|
891dfaf983
|
change key derivation order to fullfill RFC
|
2006-06-19 08:11:42 +00:00 |
Martin Willi
|
f7eb60dd5e
|
|
2006-06-16 14:10:49 +00:00 |
Andreas Steffen
|
21e7a724d0
|
added crl support
|
2006-06-16 05:55:30 +00:00 |
Andreas Steffen
|
d92cca4a72
|
added listcrls
|
2006-06-16 05:55:02 +00:00 |
Andreas Steffen
|
23e9fda8a5
|
added chunk_equals_or_null()
|
2006-06-16 05:53:47 +00:00 |
Andreas Steffen
|
307b4ded5e
|
added crl support
|
2006-06-16 05:52:52 +00:00 |
Andreas Steffen
|
277379620c
|
changed tabs from 8 to 4 spaces
|
2006-06-16 05:52:26 +00:00 |
Andreas Steffen
|
c345ff0b1e
|
added crl support
|
2006-06-16 05:51:36 +00:00 |
Andreas Steffen
|
63b86f5641
|
cosmetics
|
2006-06-16 05:51:16 +00:00 |
Andreas Steffen
|
d2c9d37d6f
|
cosmetics (space)
|
2006-06-16 05:50:28 +00:00 |
Martin Willi
|
c859ec9592
|
fixed compilation error
|
2006-06-15 13:41:06 +00:00 |
Martin Willi
|
147fe5095d
|
fixed aes code, we support now aes128, aes192, aes256 in IKE
|
2006-06-15 13:14:09 +00:00 |
Martin Willi
|
c095388f7f
|
added support for "ike" and "esp" keywords
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes
|
2006-06-15 11:09:11 +00:00 |
Martin Willi
|
3efbf98312
|
implemented clean spi allocation behavior when using multiple proposals
|
2006-06-15 11:06:22 +00:00 |
Martin Willi
|
525a5538db
|
fixed logleve(l) keyword typo
|
2006-06-15 11:03:41 +00:00 |
Martin Willi
|
56f1a8f2d6
|
handling of "rekey=no" parameter added
|
2006-06-15 11:02:15 +00:00 |
Martin Willi
|
ad038f770d
|
changed default algorithms to:
ike: aes128-sha-modp2048
esp: aes128-sha1, 3des-md5
|
2006-06-15 11:01:17 +00:00 |
Andreas Steffen
|
b98e0927f4
|
added default CRL directory path
|
2006-06-14 12:44:12 +00:00 |
Andreas Steffen
|
311b225740
|
added strictcrlpolicy command line argument
|
2006-06-14 12:43:51 +00:00 |
Andreas Steffen
|
03442041a9
|
added option parsing
|
2006-06-14 12:42:36 +00:00 |
Andreas Steffen
|
b3b4c0e44b
|
corrected some descriptions
|
2006-06-13 11:33:13 +00:00 |
Andreas Steffen
|
3c846c630a
|
moved RSA key size constraints to definitions.h
|
2006-06-13 11:32:12 +00:00 |
Martin Willi
|
b7e3329f17
|
fixed down keyword
|
2006-06-13 10:11:45 +00:00 |
Martin Willi
|
fa32cd3c47
|
debug and logging improvements
|
2006-06-13 10:01:04 +00:00 |
Andreas Steffen
|
64f4d91898
|
support for stroke listcerts|listcacerts|listcrls|listall
|
2006-06-12 08:47:28 +00:00 |
Andreas Steffen
|
5347233204
|
support for stroke listcerts|listcacerts|listall and left|rightca=
|
2006-06-12 08:43:46 +00:00 |
Andreas Steffen
|
299dbc604f
|
gperf creates optimum hash table for stroke keywords
|
2006-06-12 08:42:32 +00:00 |
Martin Willi
|
50f98119dd
|
using same reqid if a child sa rekeys an existing one
|
2006-06-12 08:36:41 +00:00 |
Andreas Steffen
|
fec9cb332f
|
NULL string argument is treated as %any
|
2006-06-12 08:26:14 +00:00 |
Andreas Steffen
|
bc35460db7
|
add_certificate() now returns pointer to added cert
|
2006-06-12 07:57:14 +00:00 |
Andreas Steffen
|
c4a7413e72
|
cosmetics
|
2006-06-12 07:55:37 +00:00 |
Martin Willi
|
a2a3fb3e25
|
workaround for peers rekeying at the same time
loading lifetime policies from ipsec.conf
|
2006-06-12 07:33:20 +00:00 |
Martin Willi
|
695723d4e8
|
old child_sa gets deleted after rekeying
rekeying almost complete, but:
IKE_SA get in an invalid state when both initiate rekeying at the same time,
|
2006-06-09 15:12:43 +00:00 |
Andreas Steffen
|
2a13996de0
|
corrected type
|
2006-06-09 11:06:37 +00:00 |
Martin Willi
|
b543bef50c
|
improved kernel interface logging
|
2006-06-09 08:41:41 +00:00 |
Martin Willi
|
0bb32cb5f3
|
fixed clone/destroy behavior when not using CAs
|
2006-06-09 07:40:40 +00:00 |
Martin Willi
|
5c131a016b
|
specifying keysize in bits, as it is required in IKEv2
added generic kernel SA algorithm handling, which brings us:
aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
|
2006-06-09 07:31:30 +00:00 |
Andreas Steffen
|
b7f9ca5837
|
added support for leftsendcert= and left|rightca= parameters
|
2006-06-09 05:50:41 +00:00 |