aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | exit if TBOOT dummy measurements are not definedAndreas Steffen2012-04-221-0/+5
| | |
* | | Option added to set identifier for syslog(3) logging.Tobias Brunner2012-04-202-1/+15
| | | | | | | | | | | | This identifier is added to each log message by syslog.
* | | Removed auth_cfg_t.replace_value() and replaced usages with add().Tobias Brunner2012-04-185-93/+39
| | | | | | | | | | | | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* | | Changed the order and semantics of rules we expect only once in auth_cfg_t.Tobias Brunner2012-04-182-114/+212
| | | | | | | | | | | | | | | | | | | | | These rules are now inserted at the front of the internal list, this allows to retrieve the rule added last with get(). For other rules the order in which they are added is maintained (this allows to properly enumerate them).
* | | Store password with remote ID to tie it stronger to a specific connection.Tobias Brunner2012-04-181-12/+50
| | |
* | | Added stroke user-creds command, to set username/password for a connection.Tobias Brunner2012-04-177-2/+204
| | |
* | | Added method to add additional shared secrets to stroke_cred_t.Tobias Brunner2012-04-172-2/+20
| | |
* | | Additional prompt keyword added to stroke.Tobias Brunner2012-04-171-1/+3
| | |
* | | Typo fixed.Tobias Brunner2012-04-171-1/+1
| | |
* | | Keep COOKIEs enabled once threshold is hit, until we see no COOKIEs for a ↵Martin Willi2012-04-171-5/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | few secs Toggling COOKIEs on/off is problematic: After doing a COOKIE exchange as initiator, we can't know if the completing IKE_SA_INIT message is to our first request or the one with the COOKIE. If the responder just enabled/disabled COOKIEs and packets get retransmitted, both might be true. Avoiding COOKIE behavior toggling improves the situation, but does not solve the problem during the initial COOKIE activation.
* | | Added a note about DH/keymat lifecycle for custom implementationsMartin Willi2012-04-171-1/+6
| | |
* | | Reuse existing DH value when retrying IKE_SA_INIT with a COOKIEMartin Willi2012-04-171-2/+5
| | |
* | | Use IP address as ID as responder if not configured or no IDr received.Tobias Brunner2012-04-161-3/+11
| | |
* | | Fall back on IP address as IDi if none is configured at all.Tobias Brunner2012-04-161-7/+7
| | |
* | | Use auth_cfg_t.replace_value where appropriate.Tobias Brunner2012-04-162-26/+5
| | |
* | | Added a simple method to replace the value of a rule in auth_cfg_t.Tobias Brunner2012-04-162-32/+74
| | |
* | | Fixed IDi in case neither left nor leftid is configured.Tobias Brunner2012-04-161-0/+21
| | |
* | | fixed parsing of port ranges in Scanner IMVAndreas Steffen2012-04-151-4/+4
| | |
* | | Typo fixed in NEWS.Tobias Brunner2012-04-141-1/+1
| | |
* | | Don't invoke child_updown hook twice as responderMartin Willi2012-04-111-3/+8
| | |
* | | Accept zero-length certificate request payloadsMartin Willi2012-04-111-2/+1
| | |
* | | Properly initialize src in ike_sa_t.is_any_path_valid().Tobias Brunner2012-04-061-1/+1
| | |
* | | checksum need a libradius_init() symbolAndreas Steffen2012-04-052-0/+13
| | |
* | | version bump to 4.6.3rc1Andreas Steffen2012-04-051-1/+1
| | |
* | | remove leading zero in ASN.1 encoded serial numbersAndreas Steffen2012-04-056-12/+14
| | |
* | | ASN.1 two's complement encoding prevents overflow in CRL serial numberAndreas Steffen2012-04-041-10/+18
| | |
* | | Make AES-CMAC actually usable for IKEv2.Tobias Brunner2012-04-042-0/+6
| | |
* | | represent 0 as a single byteAndreas Steffen2012-04-031-5/+1
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-033-19/+21
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-3/+10
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-6/+17
| | |
* | | added GSPM IKEv2 payloadAndreas Steffen2012-04-032-8/+20
| | |
* | | fixed typoAndreas Steffen2012-04-031-2/+2
| | |
* | | Doxygen fixes.Tobias Brunner2012-04-032-2/+2
| | |
* | | Added NEWS about cmac plugin.Tobias Brunner2012-04-031-0/+3
| | |
* | | Added test vectors for AES-CMAC.Tobias Brunner2012-04-033-0/+153
| | |
* | | Implemented AES-CMAC based PRF and signer.Tobias Brunner2012-04-0311-0/+926
| | | | | | | | | | | | | | | | | | The cmac plugin implements AES-CMAC as defined in RFC 4493 and the signer and PRF based on it as defined in RFC 4494 and RFC 4615, respectively.
* | | Fixed GNU license header in hmac and xcbc plugins.Tobias Brunner2012-04-032-4/+4
| | |
* | | More detailed NEWS about RADIUS extensionsMartin Willi2012-04-021-2/+9
| | |
* | | updated supported EAP methodsAndreas Steffen2012-03-301-5/+14
| | |
* | | Add support for dnQualifier in DNs.Tobias Brunner2012-03-293-1/+6
| | |
* | | remove leading zeros in ASN.1 encoded serial numbersAndreas Steffen2012-03-271-2/+22
| | |
* | | Added NEWS about resolvconf support.Tobias Brunner2012-03-271-0/+2
| | |
* | | Make resolvconf interface prefix configurable.Tobias Brunner2012-03-272-2/+16
| | |
* | | Added support for the resolvconf framework in resolve plugin.Tobias Brunner2012-03-271-52/+149
| | | | | | | | | | | | | | | If /sbin/resolvconf is found nameservers are not written directly to /etc/resolv.conf but instead resolvconf is invoked.
* | | Don't cast second argument of mem_printf_hook (%b) to size_t.Tobias Brunner2012-03-279-19/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also treat the given number as unsigned int. Due to the printf hook registration the second argument of mem_printf_hook (if called via printf etc.) is always of type int*. Casting this to a size_t pointer and then dereferencing that as int does not work on big endian machines if int is smaller than size_t (e.g. on ppc64). In order to make this change work if the argument is of a type larger than int, size_t for instance, the second argument for %b has to be casted to (u_)int.
* | | smp: Use proper signed type to get return value of read(2).Tobias Brunner2012-03-271-1/+1
| | |
* | | pluto: Use time_monotonic() instead of a custom implementation.Tobias Brunner2012-03-271-12/+1
| | |
* | | Don't include individual glib headers in nm plugin.Tobias Brunner2012-03-261-1/+1
| | | | | | | | | | | | | | | Expections are glib/gi18n.h, glib/gi18n-lib.h, glib/gprintf.h and glib/gstdio.h.
* | | fixed parsing of IF-MAP SOAP responsesAndreas Steffen2012-03-211-35/+30
|/ /
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 20:05:45 +0000