path: root/src/libstrongswan
Commit message [Author, Age, Files, Lines]
...
| | * Added support for iKEIntermediate X.509 extended key usage flag. [Tobias Brunner, 2012-03-20, 3, -6/+19]
| | |    Mac OS X requires server certificates to have this flag set.
| | * Some whitespace fixes. [Tobias Brunner, 2012-03-20, 2, -26/+26]
| | |
| | * Added an XAUTH identity to use or require for XAuth authentication [Martin Willi, 2012-03-20, 2, -0/+11]
| | |
| | * Stop checking once a key size constraint is not fulfilled [Martin Willi, 2012-03-20, 1, -0/+3]
| | |
| | * Fixed IKEv1 prf+ keymat expansion beyond 320 bits [Martin Willi, 2012-03-20, 1, -1/+1]
| | |
| | * Remove executable flag from source code files [Martin Willi, 2012-03-20, 1, -0/+0]
| | |
| | * Free list after removing the last local credential set, fixes a leak report [Martin Willi, 2012-03-20, 1, -0/+5]
| | |
| | * Remove unused status type [Martin Willi, 2012-03-20, 1, -5/+0]
| | |
| | * Added missing XAuth auth_class enum name [Martin Willi, 2012-03-20, 1, -1/+2]
| | |
| | * Be less verbose if plugin dependency not satisfied [Martin Willi, 2012-03-20, 1, -1/+1]
| | |
| | * Added auth_cfg option to select XAUTH backend to use [Martin Willi, 2012-03-20, 3, -2/+14]
| | |
| | * Use a string to identify xauth backends, no need for integer types [Martin Willi, 2012-03-20, 4, -110/+4]
| | |
| | * Use a second authentication config to configure XAUTH authentication [Martin Willi, 2012-03-20, 1, -4/+2]
| | |
| | * Replace xauth_request task with a new stub where we reimplement it [Martin Willi, 2012-03-20, 1, -2/+2]
| | |
| | * Added status code to status_t [Clavister OpenSource, 2012-03-20, 1, -0/+5]
| | |    New status_t enum to allow packets to be sent to peer in task_manager->process
| | * Implement htoun/untoh64 with potentially faster htobe64/be64toh macros, if ↵ [Martin Willi, 2012-03-20, 1, -0/+14]
| | |    available
| | * fixed copy-and-paste error [Andreas Steffen, 2012-03-20, 1, -1/+1]
| | |
| | * extended bio_reader and bio_writer to handle u_int64_t [Andreas Steffen, 2012-03-20, 5, -0/+84]
| | |
| | * IKEv1 XAuth: Added a "NULL" XAuth plugin which sends a hardcoded user/pass, ↵ [Clavister OpenSource, 2012-03-20, 2, -6/+10]
| | |    and blindly accepts whatever user/pass is sent it. Changed the xauth_request task to use this new plugin. Add --enable-xauth-null to your configure line to build with the new plugin.
| | * IKEv1 XAuth: Added plugin support for XAuth, which allows us to have plugins ↵ [Clavister OpenSource, 2012-03-20, 2, -0/+20]
| | |    to talk to servers with different quirks for XAuth authentication.
| | * IKEv1 XAuth: Add XAuth defines for plugin types. [Clavister OpenSource, 2012-03-20, 3, -1/+102]
| | |
| | * Revert "IKEv1 XAuth: Added new MIGRATE status type to status_t." [Clavister OpenSource, 2012-03-20, 1, -6/+0]
| | |    This reverts commit b57df8310a867a0a65abf17279bf1b6e6bb2f5d3. Conflicts: src/libcharon/sa/task_manager_v1.c
| | * Compiler warning fixed in prf_plus_t. [Tobias Brunner, 2012-03-20, 1, -5/+5]
| | |
| | * Map auth_class to auth method and IKEv1 proposal attribute [Martin Willi, 2012-03-20, 1, -0/+2]
| | |
| | * IKEv1 XAuth: Added new MIGRATE status type to status_t. [Clavister OpenSource, 2012-03-20, 1, -0/+6]
| | |    When a task returns this status from a build or process method, it is a signal to the task manager that it should treat it as if the task returned SUCCESS.
| | |    Additionally it will migrate all remaining tasks from the current queue to a different one, calling swap_initiator for each applicable task.
| | |    Finally, the task manager will call "initiate", if applicable, to kick off tasks in the "queued_tasks" queue.
| | |    Task queue relocation mapping:
| | |    passive_tasks moves to queued_tasks (which is then fed to active by the initiate call).
| | |    active_tasks moves to passive_tasks
| | * IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle ↵ [Clavister OpenSource, 2012-03-20, 1, -0/+2]
| | |    XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response.
| | * Extended PRF+ by a non-counting variant as used by IKEv1 [Martin Willi, 2012-03-20, 2, -63/+48]
| | |
| | * ts.get_subnet() returns TRUE if the selector actually is a subnet [Martin Willi, 2012-03-20, 2, -3/+6]
| | |
* | | added missing whitespace [Andreas Steffen, 2012-04-30, 2, -1/+2]
| | |
* | | Properly initialize optional subject in PEM builder. [Tobias Brunner, 2012-04-30, 1, -1/+1]
| | |
* | | added support for raw RSA public keys to stroke [Andreas Steffen, 2012-04-30, 1, -9/+24]
| | |
* | | CERT_TRUSTED_PUBKEY stores notBefore, notAfter and subject information [Andreas Steffen, 2012-04-25, 1, -7/+41]
| | |
* | | Removed auth_cfg_t.replace_value() and replaced usages with add(). [Tobias Brunner, 2012-04-18, 2, -76/+35]
| | |    replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* | | Changed the order and semantics of rules we expect only once in auth_cfg_t. [Tobias Brunner, 2012-04-18, 2, -114/+212]
| | |    These rules are now inserted at the front of the internal list, this allows to retrieve the rule added last with get(). For other rules the order in which they are added is maintained (this allows to properly enumerate them).
* | | Added a simple method to replace the value of a rule in auth_cfg_t. [Tobias Brunner, 2012-04-16, 2, -32/+74]
| | |
* | | Make AES-CMAC actually usable for IKEv2. [Tobias Brunner, 2012-04-04, 1, -0/+1]
| | |
* | | represent 0 as a single byte [Andreas Steffen, 2012-04-03, 1, -5/+1]
| | |
* | | moved chunk_skip_zero to chunk.h [Andreas Steffen, 2012-04-03, 1, -0/+18]
| | |
* | | fixed typo [Andreas Steffen, 2012-04-03, 1, -2/+2]
| | |
* | | Added test vectors for AES-CMAC. [Tobias Brunner, 2012-04-03, 3, -0/+153]
| | |
* | | Implemented AES-CMAC based PRF and signer. [Tobias Brunner, 2012-04-03, 10, -0/+922]
| | |    The cmac plugin implements AES-CMAC as defined in RFC 4493 and the signer and PRF based on it as defined in RFC 4494 and RFC 4615, respectively.
* | | Fixed GNU license header in hmac and xcbc plugins. [Tobias Brunner, 2012-04-03, 2, -4/+4]
| | |
* | | Add support for dnQualifier in DNs. [Tobias Brunner, 2012-03-29, 3, -1/+6]
| | |
* | | Don't cast second argument of mem_printf_hook (%b) to size_t. [Tobias Brunner, 2012-03-27, 4, -7/+8]
|/ /    Also treat the given number as unsigned int. Due to the printf hook registration the second argument of mem_printf_hook (if called via printf etc.) is always of type int*. Casting this to a size_t pointer and then dereferencing that as int does not work on big endian machines if int is smaller than size_t (e.g. on ppc64). In order to make this change work if the argument is of a type larger than int, size_t for instance, the second argument for %b has to be cast to (u_)int.
* | Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595. [Tobias Brunner, 2012-02-27, 1, -0/+2]
| |    This requires a Linux kernel >= 2.6.33.
* | Compiler warnings fixed. [Tobias Brunner, 2012-02-14, 2, -2/+2]
| |
* | Moved log message for unexpected ASN.1 objects to level 2. [Tobias Brunner, 2012-02-01, 1, -1/+1]
| |    This avoids error messages if later builders can successfully decode something.
* | Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files. [Tobias Brunner, 2012-02-01, 3, -61/+323]
| |
* | Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes). [Tobias Brunner, 2012-02-01, 3, -4/+261]
| |
* | Added support to parse PKCS#8 encoded ECDSA private keys. [Tobias Brunner, 2012-02-01, 3, -12/+28]
| |