aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* kernel-netlink: add outer addresses to policy when using BEET modeMichael Rossberg2013-05-241-1/+1
|
* openssl: add support for IP addr blocks in X.509 certificatesMichael Rossberg2013-05-241-1/+115
|
* Make plugins in standalone libimcv configurableAndreas Steffen2013-05-241-1/+2
|
* host-resolver: don't try to resolve a plain v4 address to an IPv6 addressVolker Rümelin2013-05-161-3/+17
| | | | | Suppress 'Address family for hostname not supported' errors if a IPv6 client connects in a mixed IPv4/IPv6 environment.
* traffic-selector: inet_pton is successful only if it returns 1Martin Willi2013-05-161-23/+17
|
* updown: pass IKE_SA unique ID in PLUTO_UNIQUEIDEmanuil Hristov2013-05-162-1/+5
|
* capabilities: leak-detective using dlsym() does not need CAP_SYS_NICE anymoreMartin Willi2013-05-151-6/+0
|
* capabilities: initialize supplementary groups only when doing a setuid()Martin Willi2013-05-151-1/+1
|
* af-alg: fix number of signers after adding untruncated HMAC-SHA-512 (1f2a34d6)Martin Willi2013-05-151-1/+1
|
* Raise LOCAL_AUTH_FAILED alert after receiving AUTHENTICATION_FAILUREMartin Willi2013-05-152-1/+2
|
* testing: Set terminal title when logging in via SSHTobias Brunner2013-05-151-0/+11
| | | | | Since we always log in as root use a simpler command prompt. And don't store duplicate commands in the bash command history.
* openssl: Only warn about unavailable FIPS mode if the user requested itTobias Brunner2013-05-081-1/+1
|
* Merge branch 'charon-cmd-pkcs12'Tobias Brunner2013-05-0855-556/+3465
|\ | | | | | | | | | | Adds support for PKCS#12 files in charon-cmd and ipsec.secrets. Also fixes the cleanup of the OpenSSL library in the openssl plugin.
| * stroke: Add second password if providedTobias Brunner2013-05-081-0/+13
| |
| * Load pkcs7 plugin in charon (and while we are at it in nm)Tobias Brunner2013-05-081-1/+1
| |
| * stroke: Fail silently if another builder calls PW callback after giving upTobias Brunner2013-05-081-9/+14
| | | | | | | | Also reduced the number of tries to 3.
| * stroke: Cache passwords so the user is not prompted multiple times for the ↵Tobias Brunner2013-05-081-1/+13
| | | | | | | | | | | | | | | | | | | | same password To verify/decrypt a PKCS#12 container a password might be needed multiple times. If it was entered correctly we don't want to bother the user again with another password prompt. The passwords for MAC creation and encryption could be different so the user might be prompted multiple times after all.
| * stroke: Fix prompt and error messages in passphrase callbackTobias Brunner2013-05-081-11/+13
| |
| * stroke: Load credentials from PKCS#12 files (P12 token)Tobias Brunner2013-05-082-19/+109
| |
| * openssl: Cleanup thread specific error bufferTobias Brunner2013-05-081-5/+38
| |
| * openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0Tobias Brunner2013-05-081-17/+29
| |
| * openssl: Add PKCS#12 parsing via OpenSSLTobias Brunner2013-05-084-0/+307
| |
| * openssl: Properly cleanup OpenSSL libraryTobias Brunner2013-05-082-9/+7
| |
| * charon-cmd: Add support for PKCS#12 filesTobias Brunner2013-05-085-3/+54
| |
| * PEM plugin loads PKCS#12 containers from (DER-encoded) filesTobias Brunner2013-05-083-0/+24
| | | | | | | | | | It is not actually able to handle PEM encoded PKCS#12 files produced by OpenSSL.
| * Remove pluto specific certificate typesTobias Brunner2013-05-083-14/+1
| |
| * charon-cmd: match_me/match_other are optional in callback credentialsTobias Brunner2013-05-081-1/+8
| |
| * charon-cmd: Request password for private keysTobias Brunner2013-05-081-0/+3
| |
| * Add support for untruncated HMAC-SHA-512Tobias Brunner2013-05-085-1/+13
| |
| * Also support 128-bit RC2Tobias Brunner2013-05-081-1/+2
| |
| * Add pkcs12 plugin which adds support for decoding PKCS#12 containersTobias Brunner2013-05-0811-2/+808
| |
| * Function added to convert a hash algorithm to an HMAC integrity algorithmTobias Brunner2013-05-082-0/+77
| |
| * Support the PKCS#5/PKCS#12 encryption scheme used by OpenSSL for private keysTobias Brunner2013-05-081-0/+6
| |
| * Register PKCS#8 builder for KEY_ANYTobias Brunner2013-05-081-0/+1
| |
| * Add support for PKCS#7/CMS encrypted-dataTobias Brunner2013-05-086-5/+267
| |
| * Move PKCS#12 key derivation to a separate fileTobias Brunner2013-05-085-147/+238
| |
| * PKCS#5 wrapper can decrypt PKCS#12-like schemesTobias Brunner2013-05-082-4/+180
| |
| * Add test vectors for RC2Tobias Brunner2013-05-083-0/+118
| |
| * Fix cleanup in crypto_tester if a crypter failsTobias Brunner2013-05-081-1/+4
| |
| * Add implementation of the RC2 block cipher (RFC 2268)Tobias Brunner2013-05-089-4/+559
| |
| * Extract function to convert ASN.1 INTEGER object to u_int64_tTobias Brunner2013-05-083-23/+28
| |
| * Extract PKCS#5 handling from pkcs8 plugin to separate helper classTobias Brunner2013-05-085-458/+710
|/
* Merge branch 'charon-cmd-agent'Tobias Brunner2013-05-0831-117/+593
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds support for authentication via ssh-agent to charon-cmd (RSA and ECDSA keys are currently supported). The new sshkey plugin parses SSH public keys in RFC 4253 format. SSH public keys can be configured with the left|rightsigkey ipsec.conf option, which replaces left|rightrsasigkey and takes a public key in one of three formats: SSH (RFC 4253, ssh: prefix), DNSKEY (RFC 3110, dns: prefix, not the full RR, only the actual RSA key), or PKCS#1 (the default, no prefix). As before the keys are either encoded in hex (0x) or base64 (0s). left|rightsigkey also accepts the path to a file containing a PEM or DER encoded public key.
| * charon-cmd: Changed formatting of optional arguments in usage informationTobias Brunner2013-05-081-8/+10
| | | | | | | | Optional arguments have to be specified with = after the option.
| * charon-cmd: --agent optionally takes the path to an ssh-agent socketTobias Brunner2013-05-083-16/+24
| | | | | | | | If not given it is read from the SSH_AUTH_SOCK environment variable.
| * charon-cmd: Stop processing options if an argument is missing or an option ↵Tobias Brunner2013-05-081-0/+3
| | | | | | | | not recognized
| * charon-cmd: Properly initialize options with no additional linesTobias Brunner2013-05-071-10/+10
| |
| * agent: Use sshkey plugin to parse keys, adds support for ECDSATobias Brunner2013-05-074-58/+70
| |
| * sshkey: Add support for ECDSA keysTobias Brunner2013-05-071-0/+70
| |
| * Load any type (RSA/ECDSA) of public key via left|rightsigkeyTobias Brunner2013-05-0715-39/+43
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-08 03:24:09 +0000