diff options
author | Martin Willi <martin@strongswan.org> | 2006-06-13 10:00:19 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-06-13 10:00:19 +0000 |
commit | 22ff6f578f4a583495503cdecef3f73e495b5de1 (patch) | |
tree | 93b77d2182f62740087f64954466288798fc0e1a /ChangeLog | |
parent | 64f4d918987275a0065ba4f6680648ca2f5eb7de (diff) | |
download | strongswan-22ff6f578f4a583495503cdecef3f73e495b5de1.tar.bz2 strongswan-22ff6f578f4a583495503cdecef3f73e495b5de1.tar.xz |
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 269 |
1 files changed, 134 insertions, 135 deletions
@@ -1,143 +1,142 @@ strongSwan-4.0.0 / R:967 ========================== -- removed IKEV2 ifdefs -- applied patch from andreas - - added charonstart option to config - - new ikev2 tests for UML -- applied patch from andreas - - pem loading - - secrets file parsing - - ikev2 testcase - - some other additions here and there -- connection termination is handled cleanly by name now -- fixed bad bug, certs load now cleanly again -- fixed make install (subdir order) -- fixed include path -- added missing script -- finished initial import of strongswan file tree -- removed a lot of old and unused stuff -- moved RFCs from ikev2 into doc dir -- added missing files for starter -- applied patch for charon (this time really) -- import of strongswan-2.7.0 -- applied patch for charon -- renamed get_block_size of hasher -- reworked usage of IDs in various states -- using ID_ANY for any, not NULL as before -- initiator sends IDr payload in IKE_AUTH when ID unique -- fixed charon checks -- using status & statusall -- patch for 2.7.0 -- add connection names to connections -- stroke status / ipsec status shows them -- added statusall for stroke -- added status by connection name -- some tests repaired, more to come -- fixed spi conversion -- improved "stroke status" output -- setup PID file after daemon initilization, to correctly inform +removed IKEV2 ifdefs +applied patch from andreas + added charonstart option to config + new ikev2 tests for UML +applied patch from andreas + pem loading + secrets file parsing + ikev2 testcase + some other additions here and there +connection termination is handled cleanly by name now +fixed bad bug, certs load now cleanly again +fixed make install (subdir order) +fixed include path +added missing script +finished initial import of strongswan file tree +removed a lot of old and unused stuff +moved RFCs from ikev2 into doc dir +added missing files for starter +applied patch for charon (this time really) +import of strongswan-2.7.0 +applied patch for charon +renamed get_block_size of hasher +reworked usage of IDs in various states +using ID_ANY for any, not NULL as before +initiator sends IDr payload in IKE_AUTH when ID unique +fixed charon checks +using status & statusall +patch for 2.7.0 +add connection names to connections +stroke status / ipsec status shows them +added statusall for stroke +added status by connection name +some tests repaired, more to come +fixed spi conversion +improved "stroke status" output +setup PID file after daemon initilization, to correctly inform starter about daemon startup -- added separate implementation for connection_store, credential_store, policy_store -- added folder structure to config -- credentials are fetched solely on IDs now -- identification_t supports now almost all id types -- x509 certificates work with identification_t now -- fixes here, fixes there -- fixed doxygen build -- seperates now in lib and charon -- library initialization done at a central point (library.c) -- some leak_detective fixes -- updated Todos -- fixed log-to-syslog behavior -- added patch against strongswan-2.6.4 -- x509 certificate loading with pluto asn1 code -- x509 needs a lot more attention! -- renamed some files -- using asn1 pluto stuff now -- removed, since we use pluto asn1 stuff -- leak detective is usable, but does not show static function names - - a script which gets address via ldd and resolves address via addr2line would be nice -- fixed a leak in child_sa with new detective ;-) -- some improvements to new asn1 stuff -- to be continued -- fixed bad bugs in kernel interface -- added some logging info -- works now much more stable -- startet importing pluto ASN1 stuff -- der PKCS#1 key loading works (as it did with der_decoder) -- split up in libstrong, charon, stroke, testing done -- new leak detective with malloc hook in library - - useable, but needs improvements -- logger_manager has now a single instance per library - - allows use of loggers from any linking prog -- a LOT of other things +added separate implementation for connection_store, credential_store, policy_store +added folder structure to config +credentials are fetched solely on IDs now +identification_t supports now almost all id types +x509 certificates work with identification_t now +fixes here, fixes there +fixed doxygen build +seperates now in lib and charon +library initialization done at a central point (library.c) +some leak_detective fixes +updated Todos +fixed log-to-syslog behavior +added patch against strongswan-2.6.4 +x509 certificate loading with pluto asn1 code +x509 needs a lot more attention! +renamed some files +using asn1 pluto stuff now +removed, since we use pluto asn1 stuff +leak detective is usable, but does not show static function names + a script which gets address via ldd and resolves address via addr2line would be nice +fixed a leak in child_sa with new detective ;-) +some improvements to new asn1 stuff +to be continued +fixed bad bugs in kernel interface +added some logging info +works now much more stable +startet importing pluto ASN1 stuff +der PKCS#1 key loading works (as it did with der_decoder) +split up in libstrong, charon, stroke, testing done +new leak detective with malloc hook in library + useable, but needs improvements +logger_manager has now a single instance per library + allows use of loggers from any linking prog +a LOT of other things ../svn-commit.tmp -- added misssing stroke.h -- improved strokeing - - down connection - - status -- some other tweaks -- rewrote a lot of RSA stuff -- done major work for ASN1/decoder -- allow loading of ASN1 der encoded private keys, public keys and certificates -- extracting public key from certificates -- passing certificates from stroke to charon +added misssing stroke.h +improved strokeing + down connection + status +some other tweaks +rewrote a lot of RSA stuff +done major work for ASN1/decoder +allow loading of ASN1 der encoded private keys, public keys and certificates +extracting public key from certificates +passing certificates from stroke to charon => basic authentication with RSA certificates works! -- starter work on asn1 with der de/encoder -- RSA private and public key can load read key from ASN1 DER -- some other fixes here and there -- rewrite of logger_manager, uses now one instance per context -- cleanups for logger here and there -- removed critical flag check in payload verification (conformance to IKEv2) -- so thats and theres everywere... ;-) -- patch for strongswan-2.6.3 -- added charon support for strongswan build process -- ipsec starter supports charon startup and control -- removed old diploma thesis scripts -- some cleanups -- compatibility to strongswan, Makefile can be called by "make programs" +starter work on asn1 with der de/encoder +RSA private and public key can load read key from ASN1 DER +some other fixes here and there +rewrite of logger_manager, uses now one instance per context +cleanups for logger here and there +removed critical flag check in payload verification (conformance to IKEv2) +so thats and theres everywere... ;-) +patch for strongswan-2.6.3 +added charon support for strongswan build process +ipsec starter supports charon startup and control +removed old diploma thesis scripts +some cleanups +compatibility to strongswan, Makefile can be called by "make programs" and "make install" (ikev2 patch must be applied to strongswan) -- first version of stroke control utility -- moved output to doc/api, since doc is used for other docs now -- some first documentation in english -- removed old eclipse project files -- works quite well now with ipsec.conf & ipsec starter -- belongs to previous commit ;-) -- reworked configuration framework completly -- configuration is now split up in: connections, policies, credentials and daemon config -- further alloc/free fixes needed! -- first attempt for connection loading and starting via "stroke" -- some improvements here and there -- configuration_manager replaced by configuration_t interface -- current configuration_manager is now static_configuration (testing) -- first draft of starter_configuration, which should once interact with ipsec starter (via whack?) -- some cleanups -- socket_t uses RAW socket, which allows parallel service of pluto/charon -- comments and cleanups -- working policy installation and removal -- fixed policy setup bug -- proposal setup implementation begun -- fixed socket code, so we know on which address we receive traffic -- AH/ESP setup in kernel is working now!!! :-))) -- installing of child sa works -- need correct IP adresses to actually use IPsec -- new RFCs of IKEv2, IKEv2 algs and IPSec arch added -- update of IKEv2 clarification document -- refactored ike proposal -- uses now proposal_t, wich is also used by child proposals -- ike key derivation refactored -- crypter_t api has get_key_size now -- some other improvements here and there -- config uses uml hosts alice and bob -- key derivation for child_sa works -- some fixes here and there -- fixed memleaks -- works with new proposal code -- still some(!) memleaks -- fixed alot of bugs in child_proposal -- near to working state ;-) -- dead end implementation +first version of stroke control utility +moved output to doc/api, since doc is used for other docs now +some first documentation in english +removed old eclipse project files +works quite well now with ipsec.conf & ipsec starter +belongs to previous commit ;-) +reworked configuration framework completly +configuration is now split up in: connections, policies, credentials and daemon config +further alloc/free fixes needed! +first attempt for connection loading and starting via "stroke" +some improvements here and there +configuration_manager replaced by configuration_t interface +current configuration_manager is now static_configuration (testing) +first draft of starter_configuration, which should once interact with ipsec starter (via whack?) +some cleanups +socket_t uses RAW socket, which allows parallel service of pluto/charon +comments and cleanups +working policy installation and removal +fixed policy setup bug +proposal setup implementation begun +fixed socket code, so we know on which address we receive traffic +AH/ESP setup in kernel is working now!!! :-))) +installing of child sa works +need correct IP adresses to actually use IPsec +new RFCs of IKEv2, IKEv2 algs and IPSec arch added +update of IKEv2 clarification document +refactored ike proposal +uses now proposal_t, wich is also used by child proposals +ike key derivation refactored +crypter_t api has get_key_size now +some other improvements here and there +config uses uml hosts alice and bob +key derivation for child_sa works +some fixes here and there +fixed memleaks +works with new proposal code +still some(!) memleaks +fixed alot of bugs in child_proposal +near to working state ;-) +dead end implementation -- ... there is a lot more of it, but - nothing of interest +... there is a lot more of it, but nothing of interest |