tteras/strongswan - tteras' strongSwan tree

	Commit message (Collapse)	Author	Age	Files	Lines
*	charon-tkm: Don't run tests automatically during 'make check'	Tobias Brunner	2013-11-27	1	-5/+5
\| \| \| \| \|	Due to the external dependencies these tests are quite inconvenient. They can be run from the charon-tkm directory with 'make check-tkm'.
*	charon-tkm: Migrate tests to our own test runner	Tobias Brunner	2013-11-27	1	-2/+6
\| \| \| \| \| \|	Due to problems with the external libraries tkm_init/deinit can't be called for each test case. Because of this leak detective has to be disabled for these tests.
*	charon-tkm: Support for out-of-tree build added	Tobias Brunner	2013-11-27	1	-11/+11
\|
*	tkm: Properly refer to includes now that AM_CPPFLAGS is used	Tobias Brunner	2013-07-19	1	-1/+1
\|
*	automake: replace INCLUDES by AM_CPPFLAGS	Martin Willi	2013-07-18	1	-1/+1
\| \| \| \| \| \|	INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
*	Provide TKM credential encoder	Reto Buerki	2013-03-19	1	-1/+0
\| \| \| \| \| \| \| \|	The TKM credential encoder creates fingerprints of type KEYID_PUBKEY_INFO_SHA1 and KEYID_PUBKEY_SHA1 using CRED_PART_RSA_PUB_ASN1_DER. This makes the pkcs1 plugin unnecessary.
*	Switch to openssl plugin	Reto Buerki	2013-03-19	1	-8/+1
\|
*	Don't manually register kernel_netlink_net	Reto Buerki	2013-03-19	1	-0/+1
\| \| \| \| \| \| \| \| \|	Load complete kernel_netlink plugin instead. Registering the TKM specific plugins first still ensures that the correct ipsec plugin is used. Lazy initialize the RNG_WEAK plugin to avoid the unsatisfiable soft dependency on startup.
*	Move stroke plugin to the end of PLUGINS list	Reto Buerki	2013-03-19	1	-2/+2
\| \| \| \| \|	This fixes the problem of stroke being unable to load the ca certificates on startup.
*	Implement Esa Event Service (EES)	Reto Buerki	2013-03-19	1	-0/+1
\| \| \| \| \| \|	The Esa Event Service can be used to trigger ESP SA (ESA) events such as acquire or expire. The incoming events are forwarded to the hydra kernel interface for processing.
*	charon-tkm: Register kernel_netlink_net	Adrian-Ken Rueegsegger	2013-03-19	1	-1/+0
\| \| \| \| \| \|	Explicitly register kernel netlink net implementation and avoid loading the whole kernel-netlink plugin since the kernel netlink ipsec part is unwanted.
*	Add initial TKM Diffie-Hellman implementation	Reto Buerki	2013-03-19	1	-1/+0
\| \| \| \| \| \| \| \| \| \|	The tkm_diffie_hellman_t plugin acquires a DH context from the Trusted Key Manager and uses it to get a DH public value and the calculated shared secret. Proper context handling is still missing though, the plugin currently uses context ID 1. The get_shared_secret function will be removed as soon as the TKM specific keymat is ready.
*	charon-tkm: Register tkm nonce generator	Reto Buerki	2013-03-19	1	-1/+0
\|
*	Introduce TKM specific charon daemon (charon-tkm)	Reto Buerki	2013-03-19	1	-0/+63
	Analogous to charon-nm the charon-tkm daemon is a specialized charon instance used in combination with the trusted key manager (TKM) written in Ada. The charon-tkm is basically a copy of the charon-nm code which will register it's own TKM specific plugins. The daemon binary is built using the gprbuild utility. This is needed because it uses the tkm-rpc Ada library and consequently the Ada runtime. gprbuild takes care of the complete binding and linker steps required to properly initialize the Ada runtime.