aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Migrated EAP-TTLS to the generic TLS helperMartin Willi2010-08-311-281/+21
|
* Migrated EAP-TLS to the generic TLS helperMartin Willi2010-08-311-272/+19
|
* Implemented a generic TLS EAP helper to implement EAP-TLS, TTLS and other ↵Martin Willi2010-08-313-0/+415
| | | | variants
* Support output fragmentation of TLS recordsMartin Willi2010-08-315-52/+123
|
* Moved EAP type/code definitions to a seprate header file in libstrongswanMartin Willi2010-08-319-179/+228
|
* Implemented buffering of partial records in TLS stackMartin Willi2010-08-311-15/+65
|
* Log TLS handshake subtypes as handshakesMartin Willi2010-08-311-5/+5
|
* Added a TLS debug level option, use debugging hookMartin Willi2010-08-311-13/+38
|
* Do not strdup() zero length strings in identification_create_from_string()Martin Willi2010-08-311-4/+20
|
* Corrected some URLs.Tobias Brunner2010-08-313-3/+3
|
* Enable the generation of unencrypted messages (e.g. ME connectivity checks).Tobias Brunner2010-08-301-9/+10
|
* fixed typosAndreas Steffen2010-08-301-7/+7
|
* fixed copy-and-paste errorsAndreas Steffen2010-08-302-2/+2
|
* created an eap-tnc method hullAndreas Steffen2010-08-309-0/+373
|
* for the time being assume a single request/response exchange for a given EAP ↵Andreas Steffen2010-08-301-2/+3
| | | | method
* Port floating patch partially reversed.Tobias Brunner2010-08-302-12/+8
| | | | | | If MOBIKE is enabled, we do have to switch to port 4500 with the IKE_AUTH request, that is, before we know whether the other peer actually supports MOBIKE or not.
* Slightly refactored port floating.Tobias Brunner2010-08-305-35/+39
| | | | In case of MOBIKE, only float to port 4500 if the other peer actually supports MOBIKE.
* defined EAP-TNCAndreas Steffen2010-08-302-2/+8
|
* Unwrap crlNumber INTEGER in openssl CRL parsingMartin Willi2010-08-301-4/+13
|
* Added crl support to pki --printMartin Willi2010-08-301-7/+52
|
* Typo in doxygen comment fixed.Tobias Brunner2010-08-301-1/+1
|
* Fixed ME after introduction of AEAD wrapper.Tobias Brunner2010-08-301-1/+1
|
* Fixed pluto smartcard support after introducing encryption schemesMartin Willi2010-08-301-2/+2
|
* replaced ikev2/esp-alg-aes-ctr by ikev2/alg-aes-ctrAndreas Steffen2010-08-2910-9/+12
|
* added ctr ccm and gcm plugins to ikev2/rw-cert scenarioAndreas Steffen2010-08-293-3/+3
|
* added ctr ccm and gcm plugins to openssl-ikev2/rw-cert scenarioAndreas Steffen2010-08-293-3/+3
|
* added ctr ccm and gcm plugins to gcrypt-ikev2/rw-cert scenarioAndreas Steffen2010-08-293-3/+3
|
* replaced ikev2/esp-alg-aes-gcm by ikev2/alg-aes-gcmAndreas Steffen2010-08-2910-11/+14
|
* replaced ikev2/esp-alg-aes-ccm by ikev2/alg-aes-ccmAndreas Steffen2010-08-2910-11/+13
|
* Win7 might send up to 7k of certificate requestsAndreas Steffen2010-08-273-3/+3
|
* Fixed documentation of XAUTH in ipsec.secrets.Tobias Brunner2010-08-261-3/+3
|
* Prefer AES/Camellia suites over 3DES/NULL encryptionMartin Willi2010-08-251-16/+16
|
* Send TLS alerts for errors in TLS handshake buildingMartin Willi2010-08-253-0/+12
|
* Refactored fragment building, use correct TLS content type for non-first ↵Martin Willi2010-08-251-67/+82
| | | | fragments
* Update delete_payload length when adding SPIsMartin Willi2010-08-251-0/+1
|
* Migrated delete_payload to INIT/METHOD macros, replaced iteratorMartin Willi2010-08-253-130/+108
|
* Use different return values in payload decryption to distinguish between ↵Martin Willi2010-08-253-12/+16
| | | | integrity and syntax errors
* Implemented a TLS utility to test on any TLS secured TCP connectionMartin Willi2010-08-254-4/+334
|
* Added a simple high level TLS wrapper for socketsMartin Willi2010-08-254-0/+290
|
* Initialize output chunk before appending data to itMartin Willi2010-08-251-0/+1
|
* Added private key support to in-memory credential setMartin Willi2010-08-252-1/+77
|
* Added certificate support to in-memory credential setMartin Willi2010-08-252-2/+121
|
* Check if colliding rekey actually created an IKE_INITThomas Egerer2010-08-251-37/+42
| | | | | | In some cases (especially if a child is half-open) the colliding rekey-job might not have created the ike_init member. If so, the nonce check fails with SIGSEGV.
* Added a ike_name logger option to prefix the IKE_SA name on each lineMartin Willi2010-08-255-19/+69
|
* removed tls_record_t definitionAndreas Steffen2010-08-241-10/+0
|
* Pass NULL peer identity to omit TLS peer authentication, added ↵Martin Willi2010-08-247-49/+36
| | | | eap-ttls.request_peer_auth option
* Skip the close notify if application layer completes successfullyMartin Willi2010-08-242-4/+11
|
* added ikev2/rw-eap-tls-fragments scenarioAndreas Steffen2010-08-2424-0/+119
|
* use correct network diagramAndreas Steffen2010-08-241-2/+2
|
* support fragmentation in AVPsAndreas Steffen2010-08-243-21/+118
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-16 05:57:07 +0000