144 lines
5.5 KiB
Plaintext
144 lines
5.5 KiB
Plaintext
strongSwan-4.0.0 / R:967
|
|
==========================
|
|
|
|
- removed IKEV2 ifdefs
|
|
- applied patch from andreas
|
|
- added charonstart option to config
|
|
- new ikev2 tests for UML
|
|
- applied patch from andreas
|
|
- pem loading
|
|
- secrets file parsing
|
|
- ikev2 testcase
|
|
- some other additions here and there
|
|
- connection termination is handled cleanly by name now
|
|
- fixed bad bug, certs load now cleanly again
|
|
- fixed make install (subdir order)
|
|
- fixed include path
|
|
- added missing script
|
|
- finished initial import of strongswan file tree
|
|
- removed a lot of old and unused stuff
|
|
- moved RFCs from ikev2 into doc dir
|
|
- added missing files for starter
|
|
- applied patch for charon (this time really)
|
|
- import of strongswan-2.7.0
|
|
- applied patch for charon
|
|
- renamed get_block_size of hasher
|
|
- reworked usage of IDs in various states
|
|
- using ID_ANY for any, not NULL as before
|
|
- initiator sends IDr payload in IKE_AUTH when ID unique
|
|
- fixed charon checks
|
|
- using status & statusall
|
|
- patch for 2.7.0
|
|
- add connection names to connections
|
|
- stroke status / ipsec status shows them
|
|
- added statusall for stroke
|
|
- added status by connection name
|
|
- some tests repaired, more to come
|
|
- fixed spi conversion
|
|
- improved "stroke status" output
|
|
- setup PID file after daemon initilization, to correctly inform
|
|
starter about daemon startup
|
|
- added separate implementation for connection_store, credential_store, policy_store
|
|
- added folder structure to config
|
|
- credentials are fetched solely on IDs now
|
|
- identification_t supports now almost all id types
|
|
- x509 certificates work with identification_t now
|
|
- fixes here, fixes there
|
|
- fixed doxygen build
|
|
- seperates now in lib and charon
|
|
- library initialization done at a central point (library.c)
|
|
- some leak_detective fixes
|
|
- updated Todos
|
|
- fixed log-to-syslog behavior
|
|
- added patch against strongswan-2.6.4
|
|
- x509 certificate loading with pluto asn1 code
|
|
- x509 needs a lot more attention!
|
|
- renamed some files
|
|
- using asn1 pluto stuff now
|
|
- removed, since we use pluto asn1 stuff
|
|
- leak detective is usable, but does not show static function names
|
|
- a script which gets address via ldd and resolves address via addr2line would be nice
|
|
- fixed a leak in child_sa with new detective ;-)
|
|
- some improvements to new asn1 stuff
|
|
- to be continued
|
|
- fixed bad bugs in kernel interface
|
|
- added some logging info
|
|
- works now much more stable
|
|
- startet importing pluto ASN1 stuff
|
|
- der PKCS#1 key loading works (as it did with der_decoder)
|
|
- split up in libstrong, charon, stroke, testing done
|
|
- new leak detective with malloc hook in library
|
|
- useable, but needs improvements
|
|
- logger_manager has now a single instance per library
|
|
- allows use of loggers from any linking prog
|
|
- a LOT of other things
|
|
../svn-commit.tmp
|
|
- added misssing stroke.h
|
|
- improved strokeing
|
|
- down connection
|
|
- status
|
|
- some other tweaks
|
|
- rewrote a lot of RSA stuff
|
|
- done major work for ASN1/decoder
|
|
- allow loading of ASN1 der encoded private keys, public keys and certificates
|
|
- extracting public key from certificates
|
|
- passing certificates from stroke to charon
|
|
=> basic authentication with RSA certificates works!
|
|
- starter work on asn1 with der de/encoder
|
|
- RSA private and public key can load read key from ASN1 DER
|
|
- some other fixes here and there
|
|
- rewrite of logger_manager, uses now one instance per context
|
|
- cleanups for logger here and there
|
|
- removed critical flag check in payload verification (conformance to IKEv2)
|
|
- so thats and theres everywere... ;-)
|
|
- patch for strongswan-2.6.3
|
|
- added charon support for strongswan build process
|
|
- ipsec starter supports charon startup and control
|
|
- removed old diploma thesis scripts
|
|
- some cleanups
|
|
- compatibility to strongswan, Makefile can be called by "make programs"
|
|
and "make install" (ikev2 patch must be applied to strongswan)
|
|
- first version of stroke control utility
|
|
- moved output to doc/api, since doc is used for other docs now
|
|
- some first documentation in english
|
|
- removed old eclipse project files
|
|
- works quite well now with ipsec.conf & ipsec starter
|
|
- belongs to previous commit ;-)
|
|
- reworked configuration framework completly
|
|
- configuration is now split up in: connections, policies, credentials and daemon config
|
|
- further alloc/free fixes needed!
|
|
- first attempt for connection loading and starting via "stroke"
|
|
- some improvements here and there
|
|
- configuration_manager replaced by configuration_t interface
|
|
- current configuration_manager is now static_configuration (testing)
|
|
- first draft of starter_configuration, which should once interact with ipsec starter (via whack?)
|
|
- some cleanups
|
|
- socket_t uses RAW socket, which allows parallel service of pluto/charon
|
|
- comments and cleanups
|
|
- working policy installation and removal
|
|
- fixed policy setup bug
|
|
- proposal setup implementation begun
|
|
- fixed socket code, so we know on which address we receive traffic
|
|
- AH/ESP setup in kernel is working now!!! :-)))
|
|
- installing of child sa works
|
|
- need correct IP adresses to actually use IPsec
|
|
- new RFCs of IKEv2, IKEv2 algs and IPSec arch added
|
|
- update of IKEv2 clarification document
|
|
- refactored ike proposal
|
|
- uses now proposal_t, wich is also used by child proposals
|
|
- ike key derivation refactored
|
|
- crypter_t api has get_key_size now
|
|
- some other improvements here and there
|
|
- config uses uml hosts alice and bob
|
|
- key derivation for child_sa works
|
|
- some fixes here and there
|
|
- fixed memleaks
|
|
- works with new proposal code
|
|
- still some(!) memleaks
|
|
- fixed alot of bugs in child_proposal
|
|
- near to working state ;-)
|
|
- dead end implementation
|
|
|
|
- ... there is a lot more of it, but
|
|
nothing of interest
|