aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* disable AEAD crypto algorithm if no key size is supportedAndreas Steffen2010-12-251-0/+1
|
* disable crypto algorithm if no key size is supportedAndreas Steffen2010-12-251-8/+27
|
* log if an AEAD algorithm does not support a given key sizeAndreas Steffen2010-12-251-2/+6
|
* log if a crypto algorithm does not support a given key sizeAndreas Steffen2010-12-251-1/+3
|
* wrap list of IKEv2 algorithms after 120 characters per lineAndreas Steffen2010-12-241-20/+43
|
* Migrated stroke_list_t to INIT/METHOD macrosAndreas Steffen2010-12-241-25/+21
|
* printed plugin names have a hyphenAndreas Steffen2010-12-247-5/+9
|
* Fixed public key construction from PKCS#11 private keyMartin Willi2010-12-231-3/+3
|
* eliminated whitespaceAndreas Steffen2010-12-211-1/+1
|
* Migrated child_create_t to INIT/METHOD macrosAndreas Steffen2010-12-211-83/+55
|
* Probe for supported AF_ALG algorithms, register dynamicallyMartin Willi2010-12-2010-161/+212
|
* Register algorithms with dependencies only if dependency availableMartin Willi2010-12-206-64/+133
|
* Register some less common AF_ALG ciphers (cast5, serpent, twofish, blowfish)Martin Willi2010-12-202-0/+18
|
* Implemented PRFs using AF_ALGMartin Willi2010-12-204-0/+253
|
* Use the AF_ALG wrapper in hasher, crypter and signerMartin Willi2010-12-203-278/+39
|
* Use a generic AF_ALG wrapper for common operationsMartin Willi2010-12-203-0/+312
|
* Implemented crypter on top of AF_ALGMartin Willi2010-12-204-1/+362
|
* Implemented signer interface using AF_ALGMartin Willi2010-12-204-1/+334
|
* Implemented hasher based on AF_ALGMartin Willi2010-12-204-2/+285
|
* Added Linux AF_ALG headerMartin Willi2010-12-201-0/+40
|
* Added plugin stub for AF_ALGMartin Willi2010-12-204-0/+119
|
* Added a tfc ipsec.conf keyword to control Traffic Flow ConfidentialityMartin Willi2010-12-208-2/+25
|
* Do not use TFC padding if peer does not support ESPv3Martin Willi2010-12-203-11/+31
|
* Added a TFC padding option to child_cfgMartin Willi2010-12-2012-12/+36
|
* Implemented Traffic Flow Confidentiality padding in kernel_interfaceMartin Willi2010-12-208-13/+35
|
* cast enumerated algorithm type as intAndreas Steffen2010-12-181-3/+4
|
* trace back crypto algorithms to the plugins that registered themAndreas Steffen2010-12-1830-406/+593
|
* Install selectors on transport mode IPsec SAs.Jiri Bohac2010-12-132-1/+2
| | | | | | | | | | | | | | | | This fixes several test cases in IKEv2_Self_Test (part of the IPv6 Ready Logo Program) which is required for USGv6 certification, namely: - IKEv2.EN.I.1.1.7.1, IKEv2.EN.I.1.1.7.1: Narrowing the range of members of the set of traffic selectors - IKEv2.EN.R.1.1.7.3: Narrowing multiple traffic selector When traffic selectors of a triggered SA are narrowed by the responder, the installed policy and the broader trap policy share the same reqid. Without selectors on the IPsec SA packets matching the trap policy, but not the narrowed policy, would incorrectly be handled by that IPsec SA. Since only one selector can be specified per IPsec SA, there is currently no solution for tunnel mode SAs.
* fixed bug in mem_cred.c:add_crl()Andreas Steffen2010-12-121-1/+1
|
* reverted Connection ID to capital lettersAndreas Steffen2010-12-121-2/+2
|
* fixed a bug in enum_from_name() functionAndreas Steffen2010-12-121-1/+1
|
* some more cosmeticsAndreas Steffen2010-12-121-9/+9
|
* final cosmetics in PB-TNC debug outputAndreas Steffen2010-12-122-31/+30
|
* implemented PB-TNC message parsing checksAndreas Steffen2010-12-1225-605/+1195
|
* some code optimizationsAndreas Steffen2010-12-111-42/+67
|
* support handshake retry requestsAndreas Steffen2010-12-101-0/+15
|
* the PB-TNC protocol is workingAndreas Steffen2010-12-102-15/+50
|
* refactored message handlingAndreas Steffen2010-12-101-147/+194
|
* do not accept results and recommendation messages from clientsAndreas Steffen2010-12-101-10/+29
|
* defined some additional Private Enterprise NumbersAndreas Steffen2010-12-101-2/+6
|
* define pb_tnc_state_machine_t objectAndreas Steffen2010-12-106-229/+401
|
* debug cosmeticsAndreas Steffen2010-12-102-13/+21
|
* Renamed purgex509/crl to purgecerts/crls to be consistent with list commandsMartin Willi2010-12-106-17/+17
|
* implemented handling of received PB-TNC messagesAndreas Steffen2010-12-102-14/+179
|
* Added options to flush CRLs/X509 certs from the cert cacheMartin Willi2010-12-106-2/+26
|
* refactored PB-TNC state machine in receive directionAndreas Steffen2010-12-091-83/+90
|
* refactored PB-TNC state machine in send directionAndreas Steffen2010-12-091-91/+95
|
* pb_tnc_batch_t class implements parsing and building of PB-TNC batchesAndreas Steffen2010-12-0912-430/+1155
|
* fixed memory corruptionAndreas Steffen2010-12-081-1/+1
|
* Never register IKE_SA during checkout_new, as rekeying keeps it checked outMartin Willi2010-12-072-18/+2
|