aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* | Support signing of RADIUS response messagesMartin Willi2012-03-053-15/+26
| |
* | Act on RADIUS DAE Disconnect requestsMartin Willi2012-03-051-1/+56
| |
* | Verify received RADIUS DAE requestsMartin Willi2012-03-051-9/+51
| |
* | Support verification of RADIUS request messagesMartin Willi2012-03-052-3/+10
| |
* | Rename RADIUS message constructors to handle both, requests and responsesMartin Willi2012-03-056-15/+15
| |
* | Enable RADIUS DAE listening if configuredMartin Willi2012-03-051-0/+13
| |
* | Added infrastructure to listen to RADIUS Dynamic Authorization Extension ↵Martin Willi2012-03-053-0/+228
| | | | | | | | requests
* | Added Dynamic Authorization Extension RADIUS message codesMartin Willi2012-03-052-1/+14
| |
* | Set IKE_SA lifetime based on RADIUS Session-Timeout attributeMartin Willi2012-03-051-0/+26
| |
* | Set hard timeouts when setting a lifetimeMartin Willi2012-03-051-7/+14
| |
* | Fix IKE_SA timeout debug output on 64bit platformsMartin Willi2012-03-051-3/+4
| |
* | Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.Tobias Brunner2012-02-273-3/+25
| | | | | | | | This requires a Linux kernel >= 2.6.33.
* | Encode IPv6 virtual IPs in a Framed-IPv6-Prefix attributeMartin Willi2012-02-241-1/+9
| |
* | Refactored construction of RADIUS accounting messagesMartin Willi2012-02-241-23/+21
| |
* | Include port numbers in Calling-Station-Id, tooMartin Willi2012-02-241-2/+2
| |
* | Use large enough buffers for IPv6 addresses in Calling-Station-IdMartin Willi2012-02-241-2/+2
| |
* | Send client external address as Calling-Station-Id in RADIUS accountingMartin Willi2012-02-241-6/+11
| |
* | handle case where subject = NULL but keyid is set4.6.2Andreas Steffen2012-02-201-1/+2
| |
* | fixed attest sql query in list_measurements()Andreas Steffen2012-02-151-1/+1
| |
* | Compiler warnings fixed.Tobias Brunner2012-02-142-2/+2
| |
* | pluto: Print expiry time more properly.Tobias Brunner2012-02-141-2/+3
| |
* | pluto: Drop support for legacy PSK format.Tobias Brunner2012-02-081-15/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Any line in ipsec.secrets starting with " or ' was treated as PSK without ID selectors by pluto. This prevented it from supporting DNs like "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org" as ID selectors. PSKs defined in this legacy format can easily be updated by changing "thisIsASecret" into : PSK "thisIsASecret"
* | Double check if a cached suite is available, overwrite any old suite stateMartin Willi2012-02-071-2/+3
| |
* | Some Doxygen fixes.Tobias Brunner2012-02-073-11/+11
| |
* | Fix TLS EAP-MSK derivation, uses different order of randoms than key expansionMartin Willi2012-02-071-0/+1
| |
* | Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the sameMartin Willi2012-02-071-4/+4
| |
* | Update usage for all children in RADIUS accounting just before sending StopMartin Willi2012-02-061-1/+12
| |
* | Check if ClusterIP directory could be opened before enumerating itMartin Willi2012-02-061-17/+26
| |
* | ipsec attest adds and deletes key/component pairsAndreas Steffen2012-02-051-4/+21
| |
* | check if TNC client has a valid and registered AIKAndreas Steffen2012-02-055-25/+62
| |
* | Trigger DPD not before IKE_SA state gets updatedMartin Willi2012-02-021-6/+8
| |
* | Don't retransmit, rekey, reauth or DPD check SAs when in PASSIVE stateMartin Willi2012-02-021-0/+26
| |
* | Moved log message for unexpected ASN.1 objects to level 2.Tobias Brunner2012-02-011-1/+1
| | | | | | | | This avoids error messages if later builders can successfully decode something.
* | Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files.Tobias Brunner2012-02-013-61/+323
| |
* | Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes).Tobias Brunner2012-02-013-4/+261
| |
* | Added support to parse PKCS#8 encoded ECDSA private keys.Tobias Brunner2012-02-013-12/+28
| |
* | OpenSSL plugin parses ECDSA private keys with explicitly specified EC ↵Tobias Brunner2012-02-011-9/+30
| | | | | | | | | | | | | | parameters. This is needed in case the key itself does not contain the parameters, which is the case for PKCS#8.
* | Add builder part for parameters from algorithmIdentifier.Tobias Brunner2012-02-012-1/+4
| |
* | Return parsed parameters from algorithmIdentifier if they are an OID (aka EC ↵Tobias Brunner2012-02-011-1/+1
| | | | | | | | | | | | | | named curve). Explicit EC parameters are not supported with this function, but before this change no parameters were actually ever returned.
* | Parse RSA private keys from PKCS#8 encoded blobs.Tobias Brunner2012-02-014-1/+151
| |
* | Added PKCS#8 stub plugin.Tobias Brunner2012-02-014-0/+139
| |
* | Added an option to load CA certificates without CA basic constraint.Tobias Brunner2012-02-011-4/+34
| | | | | | | | | | | | Enabling this option treats all certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA certificates even if they do not contain a CA basic constraint.
* | Support RADIUS accounting messages containing Framed-IP and ↵Martin Willi2012-01-304-0/+376
| | | | | | | | Inbound/Outbound-Octets
* | Open RADIUS accounting sockets to exchange accounting messagesMartin Willi2012-01-305-46/+91
| |
* | Support signing of RADIUS accounting messagesMartin Willi2012-01-303-10/+26
| |
* | RADIUS message constructor accepts a message code parameterMartin Willi2012-01-303-7/+8
| |
* | Disable crypto benchmarking if CLOCK_THREAD_CPUTIME_ID is not available.Tobias Brunner2012-01-301-0/+10
| |
* | Cache list of plugin names to further simplify its usage.Tobias Brunner2012-01-198-73/+62
| | | | | | | | Also helpful for ipsec statusall to avoid having to enumerate plugins.
* | Log list of loaded plugins in main PKI help output.Tobias Brunner2012-01-191-0/+8
| |
* | Simplified logging of list of loaded plugins.Tobias Brunner2012-01-195-59/+22
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-28 04:13:54 +0000