143 lines
5.2 KiB
Plaintext
143 lines
5.2 KiB
Plaintext
strongSwan-4.0.0 / R:967
|
|
==========================
|
|
|
|
removed IKEV2 ifdefs
|
|
applied patch from andreas
|
|
added charonstart option to config
|
|
new ikev2 tests for UML
|
|
applied patch from andreas
|
|
pem loading
|
|
secrets file parsing
|
|
ikev2 testcase
|
|
some other additions here and there
|
|
connection termination is handled cleanly by name now
|
|
fixed bad bug, certs load now cleanly again
|
|
fixed make install (subdir order)
|
|
fixed include path
|
|
added missing script
|
|
finished initial import of strongswan file tree
|
|
removed a lot of old and unused stuff
|
|
moved RFCs from ikev2 into doc dir
|
|
added missing files for starter
|
|
applied patch for charon (this time really)
|
|
import of strongswan-2.7.0
|
|
applied patch for charon
|
|
renamed get_block_size of hasher
|
|
reworked usage of IDs in various states
|
|
using ID_ANY for any, not NULL as before
|
|
initiator sends IDr payload in IKE_AUTH when ID unique
|
|
fixed charon checks
|
|
using status & statusall
|
|
patch for 2.7.0
|
|
add connection names to connections
|
|
stroke status / ipsec status shows them
|
|
added statusall for stroke
|
|
added status by connection name
|
|
some tests repaired, more to come
|
|
fixed spi conversion
|
|
improved "stroke status" output
|
|
setup PID file after daemon initilization, to correctly inform
|
|
starter about daemon startup
|
|
added separate implementation for connection_store, credential_store, policy_store
|
|
added folder structure to config
|
|
credentials are fetched solely on IDs now
|
|
identification_t supports now almost all id types
|
|
x509 certificates work with identification_t now
|
|
fixes here, fixes there
|
|
fixed doxygen build
|
|
seperates now in lib and charon
|
|
library initialization done at a central point (library.c)
|
|
some leak_detective fixes
|
|
updated Todos
|
|
fixed log-to-syslog behavior
|
|
added patch against strongswan-2.6.4
|
|
x509 certificate loading with pluto asn1 code
|
|
x509 needs a lot more attention!
|
|
renamed some files
|
|
using asn1 pluto stuff now
|
|
removed, since we use pluto asn1 stuff
|
|
leak detective is usable, but does not show static function names
|
|
a script which gets address via ldd and resolves address via addr2line would be nice
|
|
fixed a leak in child_sa with new detective ;-)
|
|
some improvements to new asn1 stuff
|
|
to be continued
|
|
fixed bad bugs in kernel interface
|
|
added some logging info
|
|
works now much more stable
|
|
startet importing pluto ASN1 stuff
|
|
der PKCS#1 key loading works (as it did with der_decoder)
|
|
split up in libstrong, charon, stroke, testing done
|
|
new leak detective with malloc hook in library
|
|
useable, but needs improvements
|
|
logger_manager has now a single instance per library
|
|
allows use of loggers from any linking prog
|
|
a LOT of other things
|
|
../svn-commit.tmp
|
|
added misssing stroke.h
|
|
improved strokeing
|
|
down connection
|
|
status
|
|
some other tweaks
|
|
rewrote a lot of RSA stuff
|
|
done major work for ASN1/decoder
|
|
allow loading of ASN1 der encoded private keys, public keys and certificates
|
|
extracting public key from certificates
|
|
passing certificates from stroke to charon
|
|
=> basic authentication with RSA certificates works!
|
|
starter work on asn1 with der de/encoder
|
|
RSA private and public key can load read key from ASN1 DER
|
|
some other fixes here and there
|
|
rewrite of logger_manager, uses now one instance per context
|
|
cleanups for logger here and there
|
|
removed critical flag check in payload verification (conformance to IKEv2)
|
|
so thats and theres everywere... ;-)
|
|
patch for strongswan-2.6.3
|
|
added charon support for strongswan build process
|
|
ipsec starter supports charon startup and control
|
|
removed old diploma thesis scripts
|
|
some cleanups
|
|
compatibility to strongswan, Makefile can be called by "make programs"
|
|
and "make install" (ikev2 patch must be applied to strongswan)
|
|
first version of stroke control utility
|
|
moved output to doc/api, since doc is used for other docs now
|
|
some first documentation in english
|
|
removed old eclipse project files
|
|
works quite well now with ipsec.conf & ipsec starter
|
|
belongs to previous commit ;-)
|
|
reworked configuration framework completly
|
|
configuration is now split up in: connections, policies, credentials and daemon config
|
|
further alloc/free fixes needed!
|
|
first attempt for connection loading and starting via "stroke"
|
|
some improvements here and there
|
|
configuration_manager replaced by configuration_t interface
|
|
current configuration_manager is now static_configuration (testing)
|
|
first draft of starter_configuration, which should once interact with ipsec starter (via whack?)
|
|
some cleanups
|
|
socket_t uses RAW socket, which allows parallel service of pluto/charon
|
|
comments and cleanups
|
|
working policy installation and removal
|
|
fixed policy setup bug
|
|
proposal setup implementation begun
|
|
fixed socket code, so we know on which address we receive traffic
|
|
AH/ESP setup in kernel is working now!!! :-)))
|
|
installing of child sa works
|
|
need correct IP adresses to actually use IPsec
|
|
new RFCs of IKEv2, IKEv2 algs and IPSec arch added
|
|
update of IKEv2 clarification document
|
|
refactored ike proposal
|
|
uses now proposal_t, wich is also used by child proposals
|
|
ike key derivation refactored
|
|
crypter_t api has get_key_size now
|
|
some other improvements here and there
|
|
config uses uml hosts alice and bob
|
|
key derivation for child_sa works
|
|
some fixes here and there
|
|
fixed memleaks
|
|
works with new proposal code
|
|
still some(!) memleaks
|
|
fixed alot of bugs in child_proposal
|
|
near to working state ;-)
|
|
dead end implementation
|
|
|
|
... there is a lot more of it, but nothing of interest
|