aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Use CAs subjectKeyIdentifier as CRLs authorityKeyIdentifierMartin Willi2010-05-211-1/+1
|
* Added support for CRL generation to x509 pluginMartin Willi2010-05-213-3/+199
|
* Removed is_newer() from certificate_t, obsoleting all implementationsMartin Willi2010-05-219-175/+2
|
* Migrated x509_crl_t to INIT/METHOD macrosMartin Willi2010-05-211-95/+70
|
* Implemented X.509 CRL reading using OpenSSLMartin Willi2010-05-214-1/+606
|
* Implemented X.509 certificate reading using OpenSSLMartin Willi2010-05-216-2/+1054
|
* Fixed doxygen groupMartin Willi2010-05-201-1/+1
|
* Explicitly link gpg-error to gcrypt pluginMartin Willi2010-05-171-1/+1
|
* Support decoding of subjectPublicKeyInfo in openssl without pkcs1 pluginMartin Willi2010-05-052-2/+16
|
* Do not check pointer, but length of a chunkMartin Willi2010-05-051-1/+1
|
* Do not print filename twice if plugin loading fails, dlerror() contains the ↵Martin Willi2010-05-051-2/+1
| | | | filename
* Fixed RSA key generation with gcryptMartin Willi2010-04-291-1/+1
|
* PEM encoder supports encoding from RSA components directly, allowing gcrypt ↵Martin Willi2010-04-293-37/+42
| | | | plugin to encode in PEM
* Added support for DH groups 22, 23 and 24, patch contributed by Joy LattenMartin Willi2010-04-194-1/+29
|
* Fixed OpenSSL engine_id setting, i.e. do not use 'library.' prefix for ↵Tobias Brunner2010-04-101-1/+1
| | | | settings in libstrongswan.
* Store DH generator in a chunk, hide non-public data in a private structMartin Willi2010-04-083-18/+27
|
* Some whitespace fixes.Tobias Brunner2010-04-065-8/+8
|
* Adding DBG_LIB to all calls of libstrongswan's version of DBG*.Tobias Brunner2010-04-0641-283/+340
|
* PEM encoding for OpenSSL RSA and EC public and private keysAndreas Steffen2010-04-045-12/+72
|
* PEM encoding for GMP RSA public and private keysAndreas Steffen2010-04-046-3/+167
|
* fixed doxygen groupAndreas Steffen2010-04-031-1/+1
|
* change #define to PEM_BUILDER_H_Andreas Steffen2010-04-031-3/+3
|
* Moving attr-sql plugin from libstrongswan to libhydra.Tobias Brunner2010-03-247-1989/+0
|
* Fixed ipsec pool --batch commandHeiko Hund2010-03-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | --batch mode has shown to be buggy in very obscure ways in the first real life tests. For example a batch file --del pool1 --replace pool2 --addresses file1 returned the error "/usr/libexec/ipsec/pool: unrecognized option '--lace'" which was gone after moving the --del behind --replace. With the patch from below applied everything works like a charm. From the info on the man page it seem to be unrelated to this problem, though: A program that scans multiple argument vectors, or rescans the same vector more than once, and wants to make use of GNU extensions such as '+' and '-' at the start of optstring, or changes the value of POSIXLY_CORRECT between scans, must reinitialize getopt() by resetting optind to 0, rather than the traditional value of 1. (Resetting to 0 forces the invocation of an internal initialization routine that rechecks POSIXLY_CORRECT and checks for GNU exten- sions in optstring.) Signed-off-by: Heiko Hund <hhund@astaro.com>
* Removed strayed code fragmentMartin Willi2010-03-191-20/+4
|
* ipsec pool --batch commandHeiko Hund2010-03-191-60/+200
| | | | | | | | Introduce the --batch command which reads several ipsec pool commands and their arguments from a file or STDIN. Useful if you need to run serveral commands atomically from a configuration daemon or likewise. Signed-off-by: Heiko Hund <hhund@astaro.com>
* ipsec pool error return statusHeiko Hund2010-03-191-49/+51
| | | | | | | Fix the error return status of the ipsec pool command. Also make --del for attributes succeed if no --server option was given. Signed-off-by: Heiko Hund <hhund@astaro.com>
* ipsec pool --replace commandHeiko Hund2010-03-191-23/+61
| | | | | | | | | Introduce the pool --replace command as an alternative to --add. Also change the current behavior of allowing duplicate pool names so that, --add with an existing name fails and --replace removes the existing pool before adding the new one. Signed-off-by: Heiko Hund <hhund@astaro.com>
* --addresses option for ipsec pool --add commandHeiko Hund2010-03-191-5/+187
| | | | | | | | | Introduce the --addresses option for --add that can be used to add a pool containing non-contiguous addresses. Additionally it allows to preclaim certain addresses for certain roadwarrior IDs. See the second chunk of the patch for a more detailed description. Signed-off-by: Heiko Hund <hhund@astaro.com>
* setting the two most significant bits assures an RSA modulus of maximum bit sizeAndreas Steffen2010-03-151-2/+2
|
* fix 64bit issue with time_t from databaseAndreas Steffen2010-03-101-2/+8
|
* Provide the Diffie Hellman parameters from a central location, so that we do ↵Tobias Brunner2010-03-093-730/+34
| | | | | | | | not have to replicate them in every plugin that implements the DH interface. The main reason for this change is that Android's libcrypto does not include the get_rfcX_prime_Y functions by default. Therefore we would have had to replicate the primes a third time.
* Adding a helper function that translates single characters in a string.Tobias Brunner2010-03-081-19/+2
|
* Replaced the deprecated RSA_generate_key with RSA_generate_key_ex.Tobias Brunner2010-03-081-2/+25
|
* Implemented the PRF_KEYED_SHA1 algorithm in the openssl pluginMartin Willi2010-03-084-0/+195
|
* critical keyUsage extension must be parsedAndreas Steffen2010-03-071-0/+3
|
* set Certificate Sign and CRL Sign flags in keyUsage extension if CA is trueAndreas Steffen2010-03-071-4/+13
|
* Reverting eba28948a584b9d02474cf5d256b04b8d2adbe6a which was only necessary ↵Tobias Brunner2010-03-0228-42/+7
| | | | | | | when cross-compiling the plugins for Android 2.0. With the coming monolithic build using Android.mk files this won't be necessary anymore.
* Streamlined the source file list formatting in plugin makefiles.Tobias Brunner2010-03-0228-52/+96
|
* Link all enabled libstrongswan plugins into the library, link all enabled ↵Tobias Brunner2010-03-0228-50/+155
| | | | charon plugins into libcharon.
* Enabling the plugin loader to be able to load plugins without explicitly ↵Tobias Brunner2010-03-021-0/+37
| | | | loading a shared object file first.
* Changed plugin constructors from plugin_create to plugin_name_plugin_create.Tobias Brunner2010-03-0230-35/+60
|
* Removing the plugin constructor declarations from the header files.Tobias Brunner2010-03-0228-140/+0
|
* Link all plugins to libstrongswan.Tobias Brunner2010-02-2528-7/+28
|
* Use side-channel secured mpz_powm_sec of libgmp 5, if availableMartin Willi2010-02-183-0/+14
|
* initialize variables to avoid compiler warningAndreas Steffen2010-02-051-2/+2
|
* Support TLS client authentication Extended Key Usage in x509 generationMartin Willi2010-01-141-8/+16
|
* ipsec pki --self|issue supports --pathlen option setting a path length ↵Andreas Steffen2009-12-311-2/+18
| | | | constraint
* Using the thread wrapper in charon, libstrongswan and their plugins.Tobias Brunner2009-12-232-12/+9
|
* Separated the public interfaces of the threading primitives.Tobias Brunner2009-12-234-4/+4
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 11:05:32 +0000