aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* farp: Only remove one tracked entryTobias Brunner2017-07-271-0/+1
| | | | | | | | | Multiple CHILD_SAs sharing the same traffic selectors (e.g. during make-before-break reauthentication) also have the same reqid assigned. If all matching entries are removed we could end up without entry even though an SA exists that still uses these traffic selectors. Fixes #2373.
* ike: Trigger CHILD_INSTALLED state change after corresponding log messageTobias Brunner2017-07-272-10/+9
| | | | | | | | This way we get the log message in stroke and swanctl as last message when establishing a connection. It's already like this for the IKE_SA where IKE_ESTABLISHED is set after the corresponding log message. Fixes #2364.
* sw-collector: sw-collector.first_file setting retrieves creation date from ↵Andreas Steffen2017-07-262-2/+52
| | | | file stats
* swima-collector: Fix compile error if SWID_DIRECTORY is not definedTobias Brunner2017-07-241-1/+10
|
* libimcv: Add missing files to Android.mkTobias Brunner2017-07-241-0/+11
|
* Version bump to 5.6.0dr35.6.0dr3Andreas Steffen2017-07-182-2/+2
|
* testing: Fixed the path of pt-tls-clientAndreas Steffen2017-07-183-5/+5
|
* checksum: Compile sw-collector before checksumAndreas Steffen2017-07-181-4/+4
|
* checksum: Added pt-tls-client and sw-collectorAndreas Steffen2017-07-181-0/+8
|
* sw-collector: Moved to its own directory and added man pageAndreas Steffen2017-07-1818-22/+133
|
* pt-tls-client: Added man pageAndreas Steffen2017-07-164-4/+140
|
* Version bump to 5.6.0dr25.6.0dr2Andreas Steffen2017-07-133-2/+21
|
* sw-collector: strip arch suffix from package namesAndreas Steffen2017-07-135-34/+22
|
* sw-collector: Check for epoch-less Debian package versionsAndreas Steffen2017-07-1212-314/+881
|
* libtpmtss: Support of Intel TABRMD interfaceAndreas Steffen2017-07-122-17/+93
|
* Version bump to 5.6.0dr15.6.0dr1Andreas Steffen2017-07-082-2/+2
| | | | | | | This major version includes the new SWIMA IMC/IMV pair which implements the "draft-ietf-sacm-nea-swima-patnc" Internet Draft. Full compliance to the ISO 19770-2:2015 SWID tag standard has been achieved.
* Merge branch 'swima'Andreas Steffen2017-07-08113-629/+10005
|\
| * testing: Added tnc/tnccs-20-nea-pt-tls scenarioAndreas Steffen2017-07-0829-0/+455
| |
| * testing: Adaptation to ISO 19770-2:2015 SWID standardAndreas Steffen2017-07-082-1/+3
| |
| * pt-tls-client: Support for TPM keyidsAndreas Steffen2017-07-081-10/+27
| |
| * imv-swima: Implemented SW event processingAndreas Steffen2017-07-086-87/+164
| |
| * sw-collector: Query central collector databaseAndreas Steffen2017-07-089-42/+601
| |
| * libimcv: Moved REST API from imv_swid and imv_swima to libimcvAndreas Steffen2017-07-0810-241/+114
| |
| * swidtag: strongSwan swidtag file with double underscoresAndreas Steffen2017-07-084-12/+10
| |
| * sw-collector: Collects endpoint software eventsAndreas Steffen2017-07-0810-3/+1434
| |
| * imv-swima: Created SWIMA IMV pluginAndreas Steffen2017-07-0812-2/+1682
| |
| * imc-swima: Created SWIMA IMC pluginAndreas Steffen2017-07-0810-1/+711
| |
| * unit-tests: Added IETF SWIMA PA-TNC attribute testsAndreas Steffen2017-07-083-2/+1127
| |
| * libimcv: Implemented IETF SW PA-TNC attributesAndreas Steffen2017-07-0826-14/+3532
| |
| * libimcv: Fixed memory leakAndreas Steffen2017-07-081-0/+2
| |
| * libimcv: Corrected order of subscription flagsAndreas Steffen2017-07-082-4/+4
| |
| * libimcv: Added IETF Software PA-TNC attributesAndreas Steffen2017-07-084-13/+70
| |
| * libtncif: Added IETF Software PA-TNC message subtypeAndreas Steffen2017-07-082-6/+7
| |
| * libimcv: SWID tag generation and discoveryAndreas Steffen2017-07-0811-271/+40
| |
| * libimcv: Update database to ISO 19770-2:2015 SWID standardAndreas Steffen2017-07-086-155/+257
|/
* testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenarioAndreas Steffen2017-07-081-1/+1
|
* testing: Support running multiple tests with * as wildcard (e.g. ikev2/ocsp-*)Tobias Brunner2017-07-071-6/+10
|
* x509: Correctly encode nonce in OCSP requestTobias Brunner2017-07-071-1/+2
| | | | | The nonce value is encoded as OCTET STRING, however, the extension values themselves must also be encoded as OCTET STRING.
* swanctl: Document eap_id in remote sectionsTobias Brunner2017-07-051-0/+6
|
* kernel-pfroute: Make sure there is a netmask when enumerating subnetsTobias Brunner2017-07-051-2/+2
|
* pki: Load pubkey plugin to print public keysTobias Brunner2017-07-051-1/+1
| | | | | | | | Since 3317d0e77b1a the public keys are printed via certificate printer, but that only works if the public key is actually wrapped, which requires the pubkey plugin. Fixes: 3317d0e77b1a ("Standardized printing of certificate information")
* pki: Fix typo in --print man pageTobias Brunner2017-07-051-3/+3
|
* sql: Use qualified names in SQL query statementsTobias Brunner2017-07-052-49/+54
| | | | | | | VIRTUAL is a new reserved keyword in MySQL 5.7.6 that caused some of these queries to fail. Fixes #2359.
* stroke: Don't load configs with invalid proposalsTobias Brunner2017-07-051-7/+20
| | | | References #2347.
* ikev1: Determine transform ID before mapping integrity algorithm IDTobias Brunner2017-07-051-1/+1
| | | | | | | | | Due to the lookup based on the mapped algorithm ID the resulting AH proposals were invalid. Fixes #2347. Fixes: 8456d6f5a8e9 ("ikev1: Don't require AH mapping for integrity algorithm when generating proposal")
* eap-aka-3gpp: Add plugin that implements 3GPP MILENAGE algorithm in softwareTobias Brunner2017-07-0516-2/+1395
| | | | | | | | | | This is similar to the eap-aka-3gpp2 plugin. K (optionally concatenated with OPc) may be configured as binary EAP secret in ipsec.secrets or swanctl.conf. Based on a patch by Thomas Strangert. Fixes #2326.
* utils: Make second argument to memxor() constTobias Brunner2017-07-052-2/+2
|
* android: New release after fixing issues with older Android versions and DB ↵Tobias Brunner2017-07-041-2/+2
| | | | upgrade
* android: Fix database update from older versionsTobias Brunner2017-07-041-50/+80
|
* android: Fix version string on older Android releasesTobias Brunner2017-07-041-2/+6
| | | | SECURITY_PATCH is apparently only available since Android 6.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 07:34:45 +0000