aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* starter: Parse left|rightprotoport directly in confread.c.Tobias Brunner2012-06-113-6/+53
|
* starter: No special handling for left|rightsubnet, just pass it on as string.Tobias Brunner2012-06-114-39/+1
|
* starter: Use host_t to parse left|rightsourceip.Tobias Brunner2012-06-111-18/+17
| | | | Also for the yet unused natip option.
* starter: Remove left|rightsubnetwithin option (charon narrows ↵Tobias Brunner2012-06-116-25/+0
| | | | left|rightsubnet down accordingly).
* starter: Don't resolve any addresses in starter.Tobias Brunner2012-06-116-129/+10
| | | | Also removed remains of some unknown iface option.
* starter: Removed pfs and pfsgroup options (handled via esp option).Tobias Brunner2012-06-115-28/+2
|
* starter: Store mode of the IPsec SA/policy in a separate member.Tobias Brunner2012-06-114-51/+32
|
* starter: Use custom type to mark seen keywords.Tobias Brunner2012-06-113-23/+27
|
* starter: Remove left|rightnexthop option.Tobias Brunner2012-06-116-26/+0
| | | | Charon does this lookup dynamically.
* Implement strdupnull() macro as static inline function.Tobias Brunner2012-06-111-1/+4
| | | | This avoids compiler warnings if the argument is a const char*.
* starter: Replaced all usages of clone_str() with strdupnull().Tobias Brunner2012-06-113-19/+19
|
* starter: Parse authby as string.Tobias Brunner2012-06-114-61/+29
|
* starter: Remove main parts of pluto support (invoke, whack).Tobias Brunner2012-06-117-966/+47
|
* starter: Drop support for %defaultroute.Tobias Brunner2012-06-1110-352/+16
|
* starter: Migrated logging to libstrongswan.Tobias Brunner2012-06-1114-550/+285
|
* starter: Remove unneeded starter_exec function.Tobias Brunner2012-06-115-78/+4
|
* scepclient: Option added to read PKCS#10 certificate request from a file.Tobias Brunner2012-06-112-11/+30
|
* scepclient: Option added to read self-signed certificate from a file.Tobias Brunner2012-06-112-21/+53
|
* scepclient: Generate uppercase transaction ID.Tobias Brunner2012-06-111-1/+1
|
* scepclient: Use HTTP 1.0 for all requests.Tobias Brunner2012-06-111-0/+2
|
* scepclient: Options added to specify digest/signature algorithms.Tobias Brunner2012-06-112-27/+92
| | | | | Also changed the defaults to DES/MD5 as that's what should be used if GetCACaps is not used to learn the issuers capabilities.
* Added function to convert integrity algorithms to hash algorithms (if based ↵Tobias Brunner2012-06-112-4/+50
| | | | on one).
* Properly encode 0 in ASN.1.Tobias Brunner2012-06-111-10/+7
| | | | | According to X.690 an INTEGER object always has at least one content octet.
* Don't use chunk_skip() in asn1_length().Tobias Brunner2012-06-111-1/+2
| | | | | | | | chunk_skip() returns chunk_empty if the length of the chunk is equal to the number of bytes to skip, this is problematic as asn1_length() modifies the original chunk. asn1_parser_t for instance uses the modified chunk to later calculate the length of the resulting ASN.1 object which produces incorrect results if it is based on chunk_empty.
* Changed memory management and call logic in PKCS#7 parser/generator.Tobias Brunner2012-06-112-85/+86
|
* Changed memory management and attribute handling in PKCS#9 wrapper.Tobias Brunner2012-06-113-112/+40
|
* scepclient: Also number CA certificates in case there is more than one.Tobias Brunner2012-06-112-14/+51
| | | | Also, only number them if there are multiple certificates.
* scepclient: Store received RA certificates, using CA cert name as base.Tobias Brunner2012-06-111-5/+67
|
* scepclient: Use pkcs7_t and pkcs9_t, remove all dependencies to ↵Tobias Brunner2012-06-114-289/+119
| | | | pluto/libfreeswan.
* Added get_attributes() method to pkcs7_t.Tobias Brunner2012-06-112-1/+15
|
* scepclient: Local generation of file names.Tobias Brunner2012-06-111-10/+48
|
* scepclient: Replaced usages of datatot().Tobias Brunner2012-06-111-6/+6
|
* scepclient: Migrated logging to libstrongswan.Tobias Brunner2012-06-115-513/+147
|
* Log group added for applications other than daemons.Tobias Brunner2012-06-112-0/+4
|
* scepclient: Some code cleanup.Tobias Brunner2012-06-113-335/+319
|
* Updated PKCS#7 parser/generator in libstrongswan.Tobias Brunner2012-06-114-201/+226
| | | | | Added some functionality from pluto's version, updated usage of asn1 and crypto primitives. It does compile but is not really tested yet.
* added missing parameter in get_my_addr() and get_other_addr() callsAndreas Steffen2012-06-091-2/+4
|
* version bump to 5.0.0rc1Andreas Steffen2012-06-091-1/+1
|
* added ikev1/dynamic scenarios using allow-anyAndreas Steffen2012-06-0840-0/+676
|
* removed whitespaceAndreas Steffen2012-06-082-2/+2
|
* added ikev2/dynamic-two-peers scenarioAndreas Steffen2012-06-0812-0/+239
|
* added ikev2/dynamic-responder scenarioAndreas Steffen2012-06-0814-0/+219
|
* added ikev2/dynamic-initiator scenarioAndreas Steffen2012-06-0814-0/+218
|
* implemented the right|leftallowany featureAndreas Steffen2012-06-0819-77/+137
|
* Enforce uniqueness policy in IKEv1 main and aggressive modesMartin Willi2012-06-082-0/+29
|
* starter: Go back to single threaded mode.Tobias Brunner2012-06-082-22/+7
| | | | | Mixing multiple threads and fork(2) wasn't a very good idea it seems. At least in some environments this caused strange side-effects.
* Disabled listening for kernel events in starter.Tobias Brunner2012-06-084-74/+110
|
* Try to rekey without KE exchange if peer returns INVALID_KE_PAYLOAD(NONE)Martin Willi2012-06-081-1/+8
| | | | | | According to RFC5996, implementations should just ignore the KE payload if they select a non-PFS proposals. Some implementations don't, but return MODP_NONE in INVALID_KE_PAYLOAD, hence we accept that, too.
* While checking for redundant quick modes, compare traffic selectorsMartin Willi2012-06-081-0/+22
| | | | | If a configuration is instanced more than once using narrowing, we should keep all unique quick modes up during rekeying.
* Store shorter soft lifetime of in- and outbound SAs onlyMartin Willi2012-06-081-1/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 20:07:28 +0000