| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | pki: Add --dn command to extract the subject DN of a certificate | Tobias Brunner | 2015-08-17 | 1 | -2/+1 |
| | | |||||
| * | scripts: Add script to extract the ASN.1 subject DN from a certificate | Tobias Brunner | 2015-08-17 | 1 | -1/+2 |
| | | | | | | | This can be useful if the subject DN has to be configured with the asn1dn: prefix in ipsec.conf (e.g. because the actual encoding can't be created by strongSwan's string parser/encoder). | ||||
| * | Fix timeattack script compilation under ARM | Andreas Steffen | 2015-06-05 | 1 | -1/+1 |
| | | |||||
| * | scripts: Add a tool that tries to guess MAC/ICV values using validation times | Martin Willi | 2015-04-14 | 1 | -1/+3 |
| | | | | | | | | | | | | | | | | | | | | This tool shows that it is trivial to re-construct the value memcmp() compares against by just measuring the time the non-time-constant memcmp() requires to fail. It also shows that even when running without any network latencies it gets very difficult to reconstruct MAC/ICV values, as the time variances due to the crypto routines are large enough that it gets difficult to measure the time that memcmp() actually requires after computing the MAC. However, the faster/time constant an algorithm is, the more likely is a successful attack. When using AES-NI, it is possible to reconstruct (parts of) a valid MAC with this tool, for example with AES-GCM. While this is all theoretical, and way more difficult to exploit with network jitter, it nonetheless shows that we should replace any use of memcmp/memeq() with a constant-time alternative in all sensitive places. | ||||
| * | scripts: Add test script for settings_t | Tobias Brunner | 2014-05-15 | 1 | -1/+2 |
| | | |||||
| * | aes-test: Add script to test AES implementations according to AESAVS/GCMVS | Tobias Brunner | 2013-08-24 | 1 | -1/+2 |
| | | |||||
| * | scripts: link against librt only if required | Martin Willi | 2013-08-08 | 1 | -3/+3 |
| | | | | | With glibc, this seems to be the case for 2.17 and older versions only. | ||||
| * | scripts: link malloc_speed against librt | Martin Willi | 2013-08-08 | 1 | -1/+1 |
| | | |||||
| * | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -3/+4 |
| | | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | ||||
| * | scripts: add a simple test utility to do some malloc() benchmarking/profiling | Martin Willi | 2013-05-06 | 1 | -1/+3 |
| | | |||||
| * | Implemented the resolver test script "dnssec" | Reto Guadagnini | 2013-02-19 | 1 | -1/+4 |
| | | |||||
| * | Add a tool to burn hashers | Martin Willi | 2012-07-17 | 1 | -1/+3 |
| | | |||||
| * | Use spaces in Makefile.am identation, autotools don't like tabs | Martin Willi | 2011-05-20 | 1 | -4/+4 |
| | | |||||
| * | Added simple fetcher tool to test fetcher implementations | Martin Willi | 2011-01-17 | 1 | -1/+3 |
| | | |||||
| * | Added command line tool for OID to DER conversion function | Martin Willi | 2011-01-05 | 1 | -1/+3 |
| | | |||||
| * | Conditional exclusion of tls_test script completed. | Tobias Brunner | 2010-09-09 | 1 | -3/+5 |
| | | |||||
| * | Fixed typo. | Tobias Brunner | 2010-09-09 | 1 | -1/+1 |
| | | |||||
| * | Build tls_test script only if TLS stack is enabled | Martin Willi | 2010-09-07 | 1 | -1/+4 |
| | | |||||
| * | Implemented a TLS utility to test on any TLS secured TCP connection | Martin Willi | 2010-08-25 | 1 | -2/+5 |
| | | |||||
| * | Added a crypto transform stress test for profiling | Martin Willi | 2010-08-19 | 1 | -2/+4 |
| | | |||||
| * | Build dedicated plugin lists for each strongSwan component | Martin Willi | 2010-08-12 | 1 | -1/+1 |
| | | |||||
| * | Fixing out-of-tree build after adding dependency to config.status. | Tobias Brunner | 2010-04-29 | 1 | -2/+2 |
| | | |||||
| * | Users of PLUGINS depend on config.status, rebuilding them if plugin ↵ | Martin Willi | 2010-04-29 | 1 | -0/+4 |
| | | | | | configuration is updated | ||||
| * | pass NULL to library_init() to load settings from default file | Martin Willi | 2009-09-10 | 1 | -2/+1 |
| | | |||||
| * | use NULL to load plugins from default plugin directory | Martin Willi | 2009-09-10 | 1 | -1/+0 |
| | | |||||
| * | use ./configured plugins in keyid scripts | Martin Willi | 2009-08-26 | 1 | -0/+1 |
| | | |||||
| * | moved publickey speed test to a standalone program | Martin Willi | 2009-06-10 | 1 | -1/+3 |
| | | | | | This reverts commit 08874d6ae29745de264f269b15afbbf6cd5acaad. | ||||
| * | moved Diffie-Hellman speed test to a standalone program | Martin Willi | 2009-06-10 | 1 | -2/+6 |
| | | | | | This reverts commit 1e6050bfaeadd66e921b3cd8d2128e4235ee6a29. | ||||
| * | set default CFLAGS globally, including -Wno-format | Martin Willi | 2009-04-27 | 1 | -2/+1 |
| | | |||||
| * | suppress format warnings in the scripts directory | Andreas Steffen | 2009-04-21 | 1 | -1/+3 |
| | | |||||
| * | added thread_analysis tool | Andreas Steffen | 2008-09-01 | 1 | -1/+2 |
| | | |||||
| * | added keyid2sql helper script | Andreas Steffen | 2008-07-29 | 1 | -1/+3 |
| | | |||||
| * | configure plugin path in scripts | Andreas Steffen | 2008-06-29 | 1 | -0/+1 |
| | | |||||
| * | created scripts/Makefile.am | Andreas Steffen | 2008-06-29 | 1 | -0/+9 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |