tteras/strongswan/src/libtnccs/plugins, branch master

libtnccs: Correctly read dlopen_use_rtld_now option

2017-09-18T10:07:26+00:00

Fixes: 50e4aeb22f49 ("libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()")

libtnccs: Fixed memory leak of global variables in libxml2

2017-05-29T08:57:34+00:00

Change interface for enumerator_create_filter() callback

2017-05-26T11:56:44+00:00

This avoids the unportable 5 pointer hack, but requires enumerating in
the callback.

Use standard unsigned integer types

2016-03-24T17:52:48+00:00

Fix of the mutual TNC measurement use case

2016-02-16T17:00:27+00:00

If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements
from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches
is continued until the IKEv2 responder acting as a TNC server has also finished
its TNC measurements.

In the past if these measurements in the other direction were correct
the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication
successful and the IPsec connection was established even though the TNC
measurement verification on the EAP peer side failed.

The fix adds an "allow" group membership on each endpoint if the corresponding
TNC measurements of the peer are successful. By requiring a "allow" group
membership in the IKEv2 connection definition the IPsec connection succeeds
only if the TNC measurements on both sides are valid.

libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()

2015-11-09T13:37:08+00:00

Fixed AR identities in mutual TNC measurements case

2015-08-15T20:46:21+00:00

Fixed PB-TNC directionality debug message

2015-04-24T09:16:16+00:00

Fix years in some copyright statements

2015-04-16T07:21:00+00:00

Added tnc/tnccs-20-fail-init and tnc/tnccs-20-fail-resp scenarios

2015-03-27T19:56:44+00:00