Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | disable AEAD crypto algorithm if no key size is supported | Andreas Steffen | 2010-12-25 | 1 | -0/+1 | |
| | ||||||
* | disable crypto algorithm if no key size is supported | Andreas Steffen | 2010-12-25 | 1 | -8/+27 | |
| | ||||||
* | log if an AEAD algorithm does not support a given key size | Andreas Steffen | 2010-12-25 | 1 | -2/+6 | |
| | ||||||
* | log if a crypto algorithm does not support a given key size | Andreas Steffen | 2010-12-25 | 1 | -1/+3 | |
| | ||||||
* | wrap list of IKEv2 algorithms after 120 characters per line | Andreas Steffen | 2010-12-24 | 1 | -20/+43 | |
| | ||||||
* | Migrated stroke_list_t to INIT/METHOD macros | Andreas Steffen | 2010-12-24 | 1 | -25/+21 | |
| | ||||||
* | printed plugin names have a hyphen | Andreas Steffen | 2010-12-24 | 7 | -5/+9 | |
| | ||||||
* | Fixed public key construction from PKCS#11 private key | Martin Willi | 2010-12-23 | 1 | -3/+3 | |
| | ||||||
* | eliminated whitespace | Andreas Steffen | 2010-12-21 | 1 | -1/+1 | |
| | ||||||
* | Migrated child_create_t to INIT/METHOD macros | Andreas Steffen | 2010-12-21 | 1 | -83/+55 | |
| | ||||||
* | Probe for supported AF_ALG algorithms, register dynamically | Martin Willi | 2010-12-20 | 10 | -161/+212 | |
| | ||||||
* | Register algorithms with dependencies only if dependency available | Martin Willi | 2010-12-20 | 6 | -64/+133 | |
| | ||||||
* | Register some less common AF_ALG ciphers (cast5, serpent, twofish, blowfish) | Martin Willi | 2010-12-20 | 2 | -0/+18 | |
| | ||||||
* | Implemented PRFs using AF_ALG | Martin Willi | 2010-12-20 | 4 | -0/+253 | |
| | ||||||
* | Use the AF_ALG wrapper in hasher, crypter and signer | Martin Willi | 2010-12-20 | 3 | -278/+39 | |
| | ||||||
* | Use a generic AF_ALG wrapper for common operations | Martin Willi | 2010-12-20 | 3 | -0/+312 | |
| | ||||||
* | Implemented crypter on top of AF_ALG | Martin Willi | 2010-12-20 | 4 | -1/+362 | |
| | ||||||
* | Implemented signer interface using AF_ALG | Martin Willi | 2010-12-20 | 4 | -1/+334 | |
| | ||||||
* | Implemented hasher based on AF_ALG | Martin Willi | 2010-12-20 | 4 | -2/+285 | |
| | ||||||
* | Added Linux AF_ALG header | Martin Willi | 2010-12-20 | 1 | -0/+40 | |
| | ||||||
* | Added plugin stub for AF_ALG | Martin Willi | 2010-12-20 | 4 | -0/+119 | |
| | ||||||
* | Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality | Martin Willi | 2010-12-20 | 8 | -2/+25 | |
| | ||||||
* | Do not use TFC padding if peer does not support ESPv3 | Martin Willi | 2010-12-20 | 3 | -11/+31 | |
| | ||||||
* | Added a TFC padding option to child_cfg | Martin Willi | 2010-12-20 | 12 | -12/+36 | |
| | ||||||
* | Implemented Traffic Flow Confidentiality padding in kernel_interface | Martin Willi | 2010-12-20 | 8 | -13/+35 | |
| | ||||||
* | cast enumerated algorithm type as int | Andreas Steffen | 2010-12-18 | 1 | -3/+4 | |
| | ||||||
* | trace back crypto algorithms to the plugins that registered them | Andreas Steffen | 2010-12-18 | 30 | -406/+593 | |
| | ||||||
* | Install selectors on transport mode IPsec SAs. | Jiri Bohac | 2010-12-13 | 2 | -1/+2 | |
| | | | | | | | | | | | | | | | | This fixes several test cases in IKEv2_Self_Test (part of the IPv6 Ready Logo Program) which is required for USGv6 certification, namely: - IKEv2.EN.I.1.1.7.1, IKEv2.EN.I.1.1.7.1: Narrowing the range of members of the set of traffic selectors - IKEv2.EN.R.1.1.7.3: Narrowing multiple traffic selector When traffic selectors of a triggered SA are narrowed by the responder, the installed policy and the broader trap policy share the same reqid. Without selectors on the IPsec SA packets matching the trap policy, but not the narrowed policy, would incorrectly be handled by that IPsec SA. Since only one selector can be specified per IPsec SA, there is currently no solution for tunnel mode SAs. | |||||
* | fixed bug in mem_cred.c:add_crl() | Andreas Steffen | 2010-12-12 | 1 | -1/+1 | |
| | ||||||
* | reverted Connection ID to capital letters | Andreas Steffen | 2010-12-12 | 1 | -2/+2 | |
| | ||||||
* | fixed a bug in enum_from_name() function | Andreas Steffen | 2010-12-12 | 1 | -1/+1 | |
| | ||||||
* | some more cosmetics | Andreas Steffen | 2010-12-12 | 1 | -9/+9 | |
| | ||||||
* | final cosmetics in PB-TNC debug output | Andreas Steffen | 2010-12-12 | 2 | -31/+30 | |
| | ||||||
* | implemented PB-TNC message parsing checks | Andreas Steffen | 2010-12-12 | 25 | -605/+1195 | |
| | ||||||
* | some code optimizations | Andreas Steffen | 2010-12-11 | 1 | -42/+67 | |
| | ||||||
* | support handshake retry requests | Andreas Steffen | 2010-12-10 | 1 | -0/+15 | |
| | ||||||
* | the PB-TNC protocol is working | Andreas Steffen | 2010-12-10 | 2 | -15/+50 | |
| | ||||||
* | refactored message handling | Andreas Steffen | 2010-12-10 | 1 | -147/+194 | |
| | ||||||
* | do not accept results and recommendation messages from clients | Andreas Steffen | 2010-12-10 | 1 | -10/+29 | |
| | ||||||
* | defined some additional Private Enterprise Numbers | Andreas Steffen | 2010-12-10 | 1 | -2/+6 | |
| | ||||||
* | define pb_tnc_state_machine_t object | Andreas Steffen | 2010-12-10 | 6 | -229/+401 | |
| | ||||||
* | debug cosmetics | Andreas Steffen | 2010-12-10 | 2 | -13/+21 | |
| | ||||||
* | Renamed purgex509/crl to purgecerts/crls to be consistent with list commands | Martin Willi | 2010-12-10 | 6 | -17/+17 | |
| | ||||||
* | implemented handling of received PB-TNC messages | Andreas Steffen | 2010-12-10 | 2 | -14/+179 | |
| | ||||||
* | Added options to flush CRLs/X509 certs from the cert cache | Martin Willi | 2010-12-10 | 6 | -2/+26 | |
| | ||||||
* | refactored PB-TNC state machine in receive direction | Andreas Steffen | 2010-12-09 | 1 | -83/+90 | |
| | ||||||
* | refactored PB-TNC state machine in send direction | Andreas Steffen | 2010-12-09 | 1 | -91/+95 | |
| | ||||||
* | pb_tnc_batch_t class implements parsing and building of PB-TNC batches | Andreas Steffen | 2010-12-09 | 12 | -430/+1155 | |
| | ||||||
* | fixed memory corruption | Andreas Steffen | 2010-12-08 | 1 | -1/+1 | |
| | ||||||
* | Never register IKE_SA during checkout_new, as rekeying keeps it checked out | Martin Willi | 2010-12-07 | 2 | -18/+2 | |
| |