aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* | Added Dynamic Authorization Extension RADIUS message codesMartin Willi2012-03-052-1/+14
| |
* | Set IKE_SA lifetime based on RADIUS Session-Timeout attributeMartin Willi2012-03-051-0/+26
| |
* | Set hard timeouts when setting a lifetimeMartin Willi2012-03-051-7/+14
| |
* | Fix IKE_SA timeout debug output on 64bit platformsMartin Willi2012-03-051-3/+4
| |
* | Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.Tobias Brunner2012-02-273-3/+25
| | | | | | | | This requires a Linux kernel >= 2.6.33.
* | Encode IPv6 virtual IPs in a Framed-IPv6-Prefix attributeMartin Willi2012-02-241-1/+9
| |
* | Refactored construction of RADIUS accounting messagesMartin Willi2012-02-241-23/+21
| |
* | Include port numbers in Calling-Station-Id, tooMartin Willi2012-02-241-2/+2
| |
* | Use large enough buffers for IPv6 addresses in Calling-Station-IdMartin Willi2012-02-241-2/+2
| |
* | Send client external address as Calling-Station-Id in RADIUS accountingMartin Willi2012-02-241-6/+11
| |
* | handle case where subject = NULL but keyid is set4.6.2Andreas Steffen2012-02-201-1/+2
| |
* | fixed attest sql query in list_measurements()Andreas Steffen2012-02-151-1/+1
| |
* | Compiler warnings fixed.Tobias Brunner2012-02-142-2/+2
| |
* | pluto: Print expiry time more properly.Tobias Brunner2012-02-141-2/+3
| |
* | pluto: Drop support for legacy PSK format.Tobias Brunner2012-02-081-15/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Any line in ipsec.secrets starting with " or ' was treated as PSK without ID selectors by pluto. This prevented it from supporting DNs like "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org" as ID selectors. PSKs defined in this legacy format can easily be updated by changing "thisIsASecret" into : PSK "thisIsASecret"
* | Double check if a cached suite is available, overwrite any old suite stateMartin Willi2012-02-071-2/+3
| |
* | Some Doxygen fixes.Tobias Brunner2012-02-073-11/+11
| |
* | Fix TLS EAP-MSK derivation, uses different order of randoms than key expansionMartin Willi2012-02-071-0/+1
| |
* | Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the sameMartin Willi2012-02-071-4/+4
| |
* | Update usage for all children in RADIUS accounting just before sending StopMartin Willi2012-02-061-1/+12
| |
* | Check if ClusterIP directory could be opened before enumerating itMartin Willi2012-02-061-17/+26
| |
* | ipsec attest adds and deletes key/component pairsAndreas Steffen2012-02-051-4/+21
| |
* | check if TNC client has a valid and registered AIKAndreas Steffen2012-02-055-25/+62
| |
* | Trigger DPD not before IKE_SA state gets updatedMartin Willi2012-02-021-6/+8
| |
* | Don't retransmit, rekey, reauth or DPD check SAs when in PASSIVE stateMartin Willi2012-02-021-0/+26
| |
* | Moved log message for unexpected ASN.1 objects to level 2.Tobias Brunner2012-02-011-1/+1
| | | | | | | | This avoids error messages if later builders can successfully decode something.
* | Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files.Tobias Brunner2012-02-013-61/+323
| |
* | Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes).Tobias Brunner2012-02-013-4/+261
| |
* | Added support to parse PKCS#8 encoded ECDSA private keys.Tobias Brunner2012-02-013-12/+28
| |
* | OpenSSL plugin parses ECDSA private keys with explicitly specified EC ↵Tobias Brunner2012-02-011-9/+30
| | | | | | | | | | | | | | parameters. This is needed in case the key itself does not contain the parameters, which is the case for PKCS#8.
* | Add builder part for parameters from algorithmIdentifier.Tobias Brunner2012-02-012-1/+4
| |
* | Return parsed parameters from algorithmIdentifier if they are an OID (aka EC ↵Tobias Brunner2012-02-011-1/+1
| | | | | | | | | | | | | | named curve). Explicit EC parameters are not supported with this function, but before this change no parameters were actually ever returned.
* | Parse RSA private keys from PKCS#8 encoded blobs.Tobias Brunner2012-02-014-1/+151
| |
* | Added PKCS#8 stub plugin.Tobias Brunner2012-02-014-0/+139
| |
* | Added an option to load CA certificates without CA basic constraint.Tobias Brunner2012-02-011-4/+34
| | | | | | | | | | | | Enabling this option treats all certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA certificates even if they do not contain a CA basic constraint.
* | Support RADIUS accounting messages containing Framed-IP and ↵Martin Willi2012-01-304-0/+376
| | | | | | | | Inbound/Outbound-Octets
* | Open RADIUS accounting sockets to exchange accounting messagesMartin Willi2012-01-305-46/+91
| |
* | Support signing of RADIUS accounting messagesMartin Willi2012-01-303-10/+26
| |
* | RADIUS message constructor accepts a message code parameterMartin Willi2012-01-303-7/+8
| |
* | Disable crypto benchmarking if CLOCK_THREAD_CPUTIME_ID is not available.Tobias Brunner2012-01-301-0/+10
| |
* | Cache list of plugin names to further simplify its usage.Tobias Brunner2012-01-198-73/+62
| | | | | | | | Also helpful for ipsec statusall to avoid having to enumerate plugins.
* | Log list of loaded plugins in main PKI help output.Tobias Brunner2012-01-191-0/+8
| |
* | Simplified logging of list of loaded plugins.Tobias Brunner2012-01-195-59/+22
| |
* | Function added to plugin_loader to get a list of the names of loaded plugins.Tobias Brunner2012-01-192-1/+34
| |
* | Use correct time_t variables to store ARG_TIME optionsMartin Willi2012-01-182-4/+4
| |
* | Destroy active task list before queued tasksThomas Egerer2012-01-181-3/+3
| | | | | | | | | | | | | | Since active task's destruction might result in adopting tasks from a rekeyed ike sa it seems better to first destroy the active task list and then destroy all queued tasks. This way adoption is possible at all, while otherwise the queued task list would be empty.
* | Various style, typo and whitespace correctionsAdrian-Ken Rueegsegger2012-01-131-3/+2
| |
* | Starter depends on whack/stroke on Android.Tobias Brunner2012-01-121-0/+5
| | | | | | | | | | With this change whack and stroke get installed automatically if starter is enabled.
* | Android 4 requires LOCAL_MODULE_TAGS to be set for all modules.Tobias Brunner2012-01-1212-0/+24
| | | | | | | | | | | | | | Because all packages are now marked as optional executables that are to be installed on the final system have to be added to PRODUCT_PACKAGES in build/target/product/core.mk. Dependencies (such as libraries) are installed automatically.
* | Fixed additional typos in comments and log messages.Tobias Brunner2012-01-1214-19/+19
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-28 14:59:05 +0000