aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Added method to add additional shared secrets to stroke_cred_t.Tobias Brunner2012-04-172-2/+20
| | |
* | | Additional prompt keyword added to stroke.Tobias Brunner2012-04-171-1/+3
| | |
* | | Typo fixed.Tobias Brunner2012-04-171-1/+1
| | |
* | | Keep COOKIEs enabled once threshold is hit, until we see no COOKIEs for a ↵Martin Willi2012-04-171-5/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | few secs Toggling COOKIEs on/off is problematic: After doing a COOKIE exchange as initiator, we can't know if the completing IKE_SA_INIT message is to our first request or the one with the COOKIE. If the responder just enabled/disabled COOKIEs and packets get retransmitted, both might be true. Avoiding COOKIE behavior toggling improves the situation, but does not solve the problem during the initial COOKIE activation.
* | | Added a note about DH/keymat lifecycle for custom implementationsMartin Willi2012-04-171-1/+6
| | |
* | | Reuse existing DH value when retrying IKE_SA_INIT with a COOKIEMartin Willi2012-04-171-2/+5
| | |
* | | Use IP address as ID as responder if not configured or no IDr received.Tobias Brunner2012-04-161-3/+11
| | |
* | | Fall back on IP address as IDi if none is configured at all.Tobias Brunner2012-04-161-7/+7
| | |
* | | Use auth_cfg_t.replace_value where appropriate.Tobias Brunner2012-04-162-26/+5
| | |
* | | Added a simple method to replace the value of a rule in auth_cfg_t.Tobias Brunner2012-04-162-32/+74
| | |
* | | Fixed IDi in case neither left nor leftid is configured.Tobias Brunner2012-04-161-0/+21
| | |
* | | fixed parsing of port ranges in Scanner IMVAndreas Steffen2012-04-151-4/+4
| | |
* | | Typo fixed in NEWS.Tobias Brunner2012-04-141-1/+1
| | |
* | | Don't invoke child_updown hook twice as responderMartin Willi2012-04-111-3/+8
| | |
* | | Accept zero-length certificate request payloadsMartin Willi2012-04-111-2/+1
| | |
* | | Properly initialize src in ike_sa_t.is_any_path_valid().Tobias Brunner2012-04-061-1/+1
| | |
* | | checksum need a libradius_init() symbolAndreas Steffen2012-04-052-0/+13
| | |
* | | version bump to 4.6.3rc1Andreas Steffen2012-04-051-1/+1
| | |
* | | remove leading zero in ASN.1 encoded serial numbersAndreas Steffen2012-04-056-12/+14
| | |
* | | ASN.1 two's complement encoding prevents overflow in CRL serial numberAndreas Steffen2012-04-041-10/+18
| | |
* | | Make AES-CMAC actually usable for IKEv2.Tobias Brunner2012-04-042-0/+6
| | |
* | | represent 0 as a single byteAndreas Steffen2012-04-031-5/+1
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-033-19/+21
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-3/+10
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-6/+17
| | |
* | | added GSPM IKEv2 payloadAndreas Steffen2012-04-032-8/+20
| | |
* | | fixed typoAndreas Steffen2012-04-031-2/+2
| | |
* | | Doxygen fixes.Tobias Brunner2012-04-032-2/+2
| | |
* | | Added NEWS about cmac plugin.Tobias Brunner2012-04-031-0/+3
| | |
* | | Added test vectors for AES-CMAC.Tobias Brunner2012-04-033-0/+153
| | |
* | | Implemented AES-CMAC based PRF and signer.Tobias Brunner2012-04-0311-0/+926
| | | | | | | | | | | | | | | | | | The cmac plugin implements AES-CMAC as defined in RFC 4493 and the signer and PRF based on it as defined in RFC 4494 and RFC 4615, respectively.
* | | Fixed GNU license header in hmac and xcbc plugins.Tobias Brunner2012-04-032-4/+4
| | |
* | | More detailed NEWS about RADIUS extensionsMartin Willi2012-04-021-2/+9
| | |
* | | updated supported EAP methodsAndreas Steffen2012-03-301-5/+14
| | |
* | | Add support for dnQualifier in DNs.Tobias Brunner2012-03-293-1/+6
| | |
* | | remove leading zeros in ASN.1 encoded serial numbersAndreas Steffen2012-03-271-2/+22
| | |
* | | Added NEWS about resolvconf support.Tobias Brunner2012-03-271-0/+2
| | |
* | | Make resolvconf interface prefix configurable.Tobias Brunner2012-03-272-2/+16
| | |
* | | Added support for the resolvconf framework in resolve plugin.Tobias Brunner2012-03-271-52/+149
| | | | | | | | | | | | | | | If /sbin/resolvconf is found nameservers are not written directly to /etc/resolv.conf but instead resolvconf is invoked.
* | | Don't cast second argument of mem_printf_hook (%b) to size_t.Tobias Brunner2012-03-279-19/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also treat the given number as unsigned int. Due to the printf hook registration the second argument of mem_printf_hook (if called via printf etc.) is always of type int*. Casting this to a size_t pointer and then dereferencing that as int does not work on big endian machines if int is smaller than size_t (e.g. on ppc64). In order to make this change work if the argument is of a type larger than int, size_t for instance, the second argument for %b has to be casted to (u_)int.
* | | smp: Use proper signed type to get return value of read(2).Tobias Brunner2012-03-271-1/+1
| | |
* | | pluto: Use time_monotonic() instead of a custom implementation.Tobias Brunner2012-03-271-12/+1
| | |
* | | Don't include individual glib headers in nm plugin.Tobias Brunner2012-03-261-1/+1
| | | | | | | | | | | | | | | Expections are glib/gi18n.h, glib/gi18n-lib.h, glib/gprintf.h and glib/gstdio.h.
* | | fixed parsing of IF-MAP SOAP responsesAndreas Steffen2012-03-211-35/+30
|/ /
* | corrected descriptionAndreas Steffen2012-03-171-1/+1
| |
* | added ikev2/esp-alg-sha1-160 scenarioAndreas Steffen2012-03-179-0/+103
| |
* | added ikev2/esp-alg-md5-128 scenarioAndreas Steffen2012-03-179-0/+103
| |
* | version bump to 4.6.3dr2Andreas Steffen2012-03-161-1/+1
| |
* | added the strongswan.conf options of the tnc-pdp pluginAndreas Steffen2012-03-162-1/+13
| |
* | keep a copy of refreshed carolCert-ocsp.pemAndreas Steffen2012-03-151-0/+95
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-24 15:13:01 +0000