aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Simplify test starting and stopping logicReto Buerki2013-01-174-36/+0
| | | | | | | | | | | | | | | | | | Reduce the coupling of the different scripts. make-testing : Build the testing environment start-testing : Start switches and guests do-tests : Run tests stop-testing : Stop switches and guests
| * Use key(and password-)less SSH authenticationTobias Brunner2013-01-176-67/+18
| |
| * Adjust strongSwan version handling in HTML outputReto Buerki2013-01-174-25/+29
| |
| * Patch AVP parsing in EAP-TTLS module in FreeRADIUSTobias Brunner2013-01-172-0/+19
| |
| * Add recipes for libtnc and TNC@FHHTobias Brunner2013-01-176-3/+6750
| |
| * Copy and display host specific tcpdump.log filesTobias Brunner2013-01-171-0/+22
| |
| * Drop SHAREDTREE in favor of mounting the compile dirTobias Brunner2013-01-172-15/+4
| |
| * Patch EAP-SIM module in FreeRADIUSTobias Brunner2013-01-173-4/+45
| |
| * Don't generate do-testsTobias Brunner2013-01-172-16/+7
| |
| * Adapt test configurationsReto Buerki2013-01-17394-2576/+791
| | | | | | | | Adapt test configurations to the new Debian-based system.
| * Adapt host configurationReto Buerki2012-12-1894-24813/+680
| | | | | | | | | | Adapt the configuration of the test hosts to the new Debian-based system.
| * Add recipe for iptablesReto Buerki2012-12-181-0/+27
| |
| * Add freeradius recipeReto Buerki2012-12-181-0/+32
| |
| * Factor out building of strongswan into own MakefileReto Buerki2012-12-183-382/+117
| | | | | | | | | | Small Makefiles (recipes) are used to install software from source into the root UML image.
| * testing: Switch to Debian based guest imagesReto Buerki2012-12-1816-655/+189
| | | | | | | | | | | | | | | | | | | | Instead of extracting a downloaded Gentoo filesystem tree into a file containing a reiserfs filesystem, create an ext3 filesystem inside a sparse file, mount it and debootstrap an up-to-date Debian system. Use this image as base for all UML guest images. Also, drop support for the various consoles and use xterm unconditionally.
* | Reseed rdrand after every 128bit sample onlyMartin Willi2013-01-151-2/+2
| |
* | version bump to 5.0.2rc1Andreas Steffen2013-01-151-1/+1
| |
* | android: Properly escape apostrophes in Ukrainian translation5.0.2dr4Tobias Brunner2013-01-141-8/+8
| |
* | android: Implement kernel_net_t.get_interface via JNITobias Brunner2013-01-144-6/+92
| | | | | | | | | | | | This is now required to properly accept/install a virtual IP address. Fixes #275.
* | android: Moved chunk_from_byte_array and byte_array_from_chunk helper functionsTobias Brunner2013-01-142-24/+32
| |
* | android: Set OPENSSL_NO_CMS in Android.mk as it is not set in opensslconf.h ↵Tobias Brunner2013-01-142-0/+2
| | | | | | | | on Android
* | Properly send IKEv1 packets if no ike_cfg is known yetTobias Brunner2013-01-141-2/+5
| | | | | | | | This applies for error notifies.
* | Don't handle right=%any6 as "loose" identity, but as %anyMartin Willi2013-01-141-2/+1
| |
* | Respect given address family when resolving "%any"Martin Willi2013-01-141-1/+5
| |
* | Android.mk of libstrongswan updatedTobias Brunner2013-01-141-2/+2
| |
* | Merge branch 'ikev1-fragmentation'Tobias Brunner2013-01-1237-59/+882
|\ \ | | | | | | | | | | | | | | | | | | This adds support for the proprietary IKEv1 fragmentation extension. Conflicts: NEWS
| * | NEWS for fragmentation extension addedTobias Brunner2013-01-121-0/+4
| | | | | | | | | | | | | | | Conflicts: NEWS
| * | Added an option to configure the maximum size of a fragmentTobias Brunner2013-01-122-3/+14
| | |
| * | Properly detect fragmentation capabilitiesTobias Brunner2013-01-121-3/+27
| | | | | | | | | | | | Cisco sends 0xc0000000 so we check that part of the VID separately.
| * | Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-1220-33/+76
| | |
| * | Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-2425-33/+69
| | |
| * | Include source port in init hash for fragmented messagesTobias Brunner2012-12-241-1/+8
| | |
| * | Add an option to en-/disable IKE fragmentationTobias Brunner2012-12-243-5/+25
| | | | | | | | | | | | | | | Fragments are always accepted but will not be sent if disabled. The vendor ID is only sent if the option is enabled.
| * | Split larger messages into fragments if IKE fragmentation is supported by peerTobias Brunner2012-12-241-14/+114
| | |
| * | Log message size for in- and outbound IKE messagesTobias Brunner2012-12-242-4/+7
| | |
| * | Add support to create IKE fragmentsTobias Brunner2012-12-242-0/+30
| | | | | | | | | | | | | | | All fragments currently use the same fragment ID (1) as that's what other implementations are doing.
| * | Log added NAT-T vendor IDsTobias Brunner2012-12-241-0/+1
| | |
| * | Detect a peer's support for IKE fragmentationTobias Brunner2012-12-242-0/+9
| | | | | | | | | | | | Fragments are accepted even if this vendor ID is not seen.
| * | Map fragmented initial initial Main or Aggressive Mode messages to the same ↵Tobias Brunner2012-12-241-1/+17
| | | | | | | | | | | | IKE_SA
| * | Allow ID_PROT/AGGRESSIVE messages for established IKE_SAs if they contain ↵Tobias Brunner2012-12-241-1/+2
| | | | | | | | | | | | | | | | | | | | | fragments Other implementations send fragments always in an initial message type even for transaction or quick mode exchanges.
| * | Don't handle fragmented messages larger than charon.max_packetTobias Brunner2012-12-241-4/+39
| | |
| * | Don't update an IKE_SA-entry's cached message ID when handling fragmentsTobias Brunner2012-12-241-1/+4
| | |
| * | Store inbound IKE fragments and reassemble the message when all fragments ↵Tobias Brunner2012-12-241-3/+166
| | | | | | | | | | | | are received
| * | Add message rules to properly handle IKE fragmentsTobias Brunner2012-12-241-0/+8
| | | | | | | | | | | | | | | These are sent in unencrypted messages and are the only payload contained in such messages.
| * | Reset the encrypted flag when handling IKE messages that contain a fragmentTobias Brunner2012-12-241-0/+6
| | | | | | | | | | | | | | | Racoon sets the encrypted bit for messages containing a fragment, but these messages are not really encrypted (the fragmented message is though).
| * | Payload added to handle IKE fragmentsTobias Brunner2012-12-246-11/+314
| | |
* | | Don't use bio_writer_t.skip() to write length field when appending more dataMartin Willi2013-01-112-6/+9
| | | | | | | | | | | | | | | If the writer reallocates its buffer, the length pointer might not be valid anymore, or even worse, point to an arbitrary allocation.
* | | Add rdrand NEWSMartin Willi2013-01-111-0/+3
| | |
* | | Use raw opcodes for rdrand to build with older binutilsMartin Willi2013-01-111-6/+6
| | |
* | | Provide RNG_TRUE quality in rdrand by mixing reseeded outputs using AESMartin Willi2013-01-112-8/+108
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 08:56:33 +0000