Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | ikev1: Move fragment generation to message_t | Tobias Brunner | 2014-10-10 | 5 | -139/+251 |
| | |||||
* | ike: Rename encryption_payload to encrypted_payload | Tobias Brunner | 2014-10-10 | 10 | -102/+98 |
| | |||||
* | ipsec: Remove unsupported listcards and rereadgroups commands | Tobias Brunner | 2014-10-08 | 1 | -10/+0 |
| | |||||
* | ipsec: Document missing commands | Tobias Brunner | 2014-10-08 | 1 | -1/+11 |
| | |||||
* | ipsec: Update usage output | Tobias Brunner | 2014-10-08 | 1 | -18/+17 |
| | |||||
* | ipsec: Remove duplicate check for internal commands | Tobias Brunner | 2014-10-08 | 1 | -4/+0 |
| | |||||
* | ipsec: Only set PATH if it is not already set | Tobias Brunner | 2014-10-08 | 1 | -1/+1 |
| | | | | | | | | | | The comment indicated this but it was always set anyway. All internal commands are called via their absolute paths, so the script only uses PATH for the uname command, but if that is not located in one of the configured directories the script will fail. Also, since the internal commands are called via their absolute paths there is no need to add the directories to PATH. | ||||
* | ikev1: Fix handling of UNITY_LOAD_BALANCE | Tobias Brunner | 2014-10-07 | 1 | -3/+3 |
| | | | | | The re-authentication is now handled within the original IKE_SA if it has not yet been established, so we don't want to destroy it. | ||||
* | ikev1: Don't queue more than one mode config or XAuth task | Tobias Brunner | 2014-10-07 | 1 | -7/+22 |
| | | | | | | | | At the time we reset an IKE_SA (e.g. when re-authenticating a not yet established SA due to a roaming event) such tasks might already be queued by one of the phase 1 tasks. If the SA is initiated again another task will get queued by the phase 1 task. This results in e.g. multiple mode config requests, which most gateways will have problems with. | ||||
* | testing: Don't check for the actual number of SWID tags in PDP scenarios | Tobias Brunner | 2014-10-07 | 2 | -8/+8 |
| | | | | | The number of SWID tags varies depending on the base image, but lets assume the number is in the hundreds. | ||||
* | testing: Make TNC scenarios agnostic to the actual Debian version | Tobias Brunner | 2014-10-07 | 18 | -45/+52 |
| | | | | | The scenarios will work with new or old base images as long as the version in use is included as product in the master data (src/libimcv/imv/data.sql). | ||||
* | testing: Make TKM related build recipes future-proof | Tobias Brunner | 2014-10-07 | 6 | -24/+36 |
| | | | | | | | | The tkm scenarios recently failed due to a segmentation fault on my host because I had an old build of the tkm library already built in the build directory. Because the stamp file was not versioned the new release was never checked out or built and charon-tkm was linked against the old version causing a segmentation fault during key derivation. | ||||
* | version bump to 5.2.1rc1 | Andreas Steffen | 2014-10-06 | 1 | -1/+1 |
| | |||||
* | Merge branch 'ext-auth'5.2.1dr1 | Martin Willi | 2014-10-06 | 18 | -249/+1644 |
|\ | | | | | | | | | | | Integrates the ext-auth plugin by Vyronas Tsingaras. The new child process abstraction simplifies implementation in both the new ext-auth and the existing updown plugin, and makes them available on the Windows platform. | ||||
| * | NEWS: Mention new ext-auth plugin | Martin Willi | 2014-10-06 | 1 | -0/+3 |
| | | |||||
| * | ext-auth: Add an ext-auth plugin invoking an external authorization script | Martin Willi | 2014-10-06 | 9 | -0/+512 |
| | | | | | | | | Original patch courtesy of Vyronas Tsingaras. | ||||
| * | updown: Use process abstraction to invoke updown script | Martin Willi | 2014-10-06 | 1 | -246/+215 |
| | | |||||
| * | process: Add a wrapper to invoke a command under the system default shell | Martin Willi | 2014-10-06 | 3 | -0/+110 |
| | | |||||
| * | process: Port child process spawning to the Windows platform | Martin Willi | 2014-10-06 | 2 | -1/+315 |
| | | |||||
| * | process: Provide an abstraction to spawn child processes with redirected I/O | Martin Willi | 2014-10-06 | 7 | -3/+490 |
|/ | |||||
* | testing: Updated certificates and keys in sql scenarios | Andreas Steffen | 2014-10-06 | 35 | -121/+121 |
| | |||||
* | Added IF-M Segmentation support to NEWS | Andreas Steffen | 2014-10-05 | 1 | -0/+5 |
| | |||||
* | Incremental parsing fixes | Andreas Steffen | 2014-10-05 | 2 | -14/+9 |
| | |||||
* | Updated revoked certificate in ikev2/ocsp-revoked scenario | Andreas Steffen | 2014-10-05 | 2 | -42/+42 |
| | |||||
* | The critical-extension scenarios need the old private keys | Andreas Steffen | 2014-10-05 | 4 | -0/+108 |
| | |||||
* | Added add_segment() method to TCG/PTS attributes | Andreas Steffen | 2014-10-05 | 18 | -26/+157 |
| | |||||
* | Added add_segment() method to TCG/SEG attributes | Andreas Steffen | 2014-10-05 | 3 | -25/+49 |
| | |||||
* | OS IMV proposes IF-M segmentation contract | Andreas Steffen | 2014-10-05 | 6 | -108/+153 |
| | | | | | | | The OS IMV sends a TCG IF-M Segmentation contract request. All IETF standard attributes support segmentation. Additionally the IETF Installed Packages standard attributes supports incremental processing while segments are received. | ||||
* | SWID IMC proposes IF-M segmentation contracts | Andreas Steffen | 2014-10-05 | 3 | -24/+42 |
| | |||||
* | unit-tests: Updated libimcv test suite | Andreas Steffen | 2014-10-05 | 1 | -22/+125 |
| | |||||
* | Added add_segment() method to IETF attributes | Andreas Steffen | 2014-10-05 | 12 | -0/+95 |
| | |||||
* | Added add_segment() method to ITA attributes | Andreas Steffen | 2014-10-05 | 6 | -0/+47 |
| | |||||
* | Implemented incremental processing of SWID tag [ID] inventory attribute | Andreas Steffen | 2014-10-05 | 8 | -199/+253 |
| | |||||
* | Implemented add_segment method for PA-TNC attributes | Andreas Steffen | 2014-10-05 | 11 | -90/+208 |
| | |||||
* | Added total length parameter in PA-TNC attribute constructor | Andreas Steffen | 2014-10-05 | 91 | -319/+957 |
| | |||||
* | Assignment of flags starts with bit 0 | Andreas Steffen | 2014-10-05 | 2 | -5/+5 |
| | |||||
* | Register the reception of the AIK attribute | Andreas Steffen | 2014-10-05 | 3 | -2/+9 |
| | |||||
* | Unit tests for libimcv | Andreas Steffen | 2014-10-05 | 5 | -0/+649 |
| | |||||
* | Compacted chunk creation in ita_attr_command constructor | Andreas Steffen | 2014-10-05 | 1 | -2/+1 |
| | |||||
* | Merged libpts into libimcv | Andreas Steffen | 2014-10-05 | 159 | -440/+233 |
| | |||||
* | Added out message queue for imv_msg receive method | Andreas Steffen | 2014-10-05 | 8 | -86/+81 |
| | |||||
* | Implemented IF-M segmentation | Andreas Steffen | 2014-10-05 | 24 | -320/+1660 |
| | |||||
* | Added request variable to get_info_string method | Andreas Steffen | 2014-10-03 | 5 | -11/+12 |
| | |||||
* | Implemented IF-M segmentation contracts | Andreas Steffen | 2014-10-03 | 32 | -63/+1354 |
| | |||||
* | Allow to treat specified Attribute-Type-Not-Supported errors as non-fatal | Andreas Steffen | 2014-10-03 | 10 | -16/+110 |
| | |||||
* | testing: Updated swanctl certificates and keys | Tobias Brunner | 2014-10-03 | 14 | -292/+292 |
| | |||||
* | testing: Wait a bit in swanctl scenarios before interacting with the daemon | Tobias Brunner | 2014-10-03 | 7 | -9/+16 |
| | |||||
* | testing: Actually build swanctl | Tobias Brunner | 2014-10-03 | 1 | -1/+2 |
| | |||||
* | testing: Make sure the whitelist plugin is ready before configuring it | Tobias Brunner | 2014-10-03 | 1 | -1/+3 |
| | |||||
* | testing: Update PKCS#12 containers | Tobias Brunner | 2014-10-03 | 4 | -0/+0 |
| |