aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/stroke/stroke_cred.c
Commit message (Collapse)AuthorAgeFilesLines
* Avoid a race condition when reloading secrets from ipsec.secretsTobias Brunner2013-03-201-18/+25
| | | | | | | With the previous implementation that cleared the secrets in the active credential set and then loaded the secrets, IKE SA establishment would fail (as initiator or responder) if secrets are concurrently reloaded and the required secret was not yet loaded.
* Don't try to mmap() empty ipsec.secret filesMartin Willi2013-03-191-1/+5
|
* Use proper buffer sizes for parse_smartcard()Tobias Brunner2013-01-241-7/+10
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
|
* Use explicit, larger buffer sizes for smartcard keyids and modulesMartin Willi2012-10-241-8/+8
|
* Support loading cacert certificates in ipsec.conf ca sections from smartcardMartin Willi2012-10-241-19/+37
|
* Refactored stroke smartcard token parsing, support module and slot in ↵Martin Willi2012-10-241-62/+101
| | | | leftcert option
* Load ipsec.conf %smartcard leftcerts with pkcs11 builderMartin Willi2012-10-241-8/+20
|
* Fix leak of PINs from ipsec.secretsMartin Willi2012-10-091-1/+2
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-031-1/+2
| | | | Also fixes several whitespace errors.
* Merge branch 'ikev1'Martin Willi2012-05-021-4/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-4/+4
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Added a flag to register local credential sets exclusively, disabling all othersMartin Willi2012-03-201-4/+4
| | |
* | | added support for raw RSA public keys to strokeAndreas Steffen2012-04-301-0/+73
| | |
* | | Added method to add additional shared secrets to stroke_cred_t.Tobias Brunner2012-04-171-1/+8
|/ /
* / Added an option to load CA certificates without CA basic constraint.Tobias Brunner2012-02-011-4/+34
|/ | | | | | Enabling this option treats all certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA certificates even if they do not contain a CA basic constraint.
* Added fallback to ipsec.secrets parser if glob(3) is not available.Tobias Brunner2011-10-111-11/+22
|
* Migrated stroke_cred_t to INIT/METHOD macros.Tobias Brunner2011-10-031-40/+32
|
* Cast size_t len arguments to %.*s to intMartin Willi2011-04-201-5/+6
|
* Use strncpy when reading smartcard keyids from ipsec.secrets.Tobias Brunner2011-04-191-1/+1
|
* Proper cleanup if IDs in ipsec.secrets cannot be parsed.Tobias Brunner2011-04-141-0/+2
|
* Fix compiler warnings at creation of CRL cache filenames.Tobias Brunner2011-04-141-1/+1
| | | | | | This was not really a problem because ptr is the first member of a chunk_t and it contains a null-terminated string at that point. But it's clearer this way.
* Refactored stroke_cred_t to use mem_cred_t.Tobias Brunner2010-12-031-378/+30
|
* Avoid calling globfree twice on failure.Tobias Brunner2010-12-031-1/+0
|
* Respect key types in stroke key/certificate backendMartin Willi2010-09-021-15/+24
|
* Fixed loading of secrets with IDs.Tobias Brunner2010-08-041-1/+1
| | | | | Since the ID string is manually terminated by a null character, write permission is required for the mmapped ipsec.secrets.
* Fixed loading of private keys without password.Tobias Brunner2010-08-041-1/+1
| | | | | The chunk storing the password was not correctly initialized, resulting in a segmentation fault when no password was specified in ipsec.secrets.
* Pass type of requested key in the callback credential setMartin Willi2010-08-041-1/+12
|
* Obseleted BUILD_PASSPHRASE(_CALLBACK) for private key loading, use ↵Martin Willi2010-08-041-37/+77
| | | | credential sets
* Use credential sets to load smartcard keysMartin Willi2010-08-041-29/+82
|
* Implemented a callback based credential set, currently for shared keys onlyMartin Willi2010-08-041-61/+39
|
* mmap() ipsec.secrets instead malloc(), proper error checkingMartin Willi2010-08-041-18/+30
|
* Splitted up the load_secrets() functionMartin Willi2010-08-041-263/+301
|
* %prompt support for smartcard PIN via "ipsec secrets"Martin Willi2010-08-041-28/+95
|
* Pass the PKCS11 keyid as chunk, not as stringMartin Willi2010-08-041-3/+6
|
* Reuse generic passphrase build part, not a dedicated PIN partMartin Willi2010-08-041-7/+4
|
* Support module names in %smartcard specifier, streamlined smartcard buildingMartin Willi2010-08-041-12/+51
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-131-3/+5
|
* Added generic implementations for crl_is_newer/certificate_is_newerMartin Willi2010-05-211-1/+1
|
* Moving charon to libcharon.Tobias Brunner2010-03-191-0/+1175
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-15 21:49:30 +0000