tteras/strongswan - tteras' strongSwan tree

	Commit message (Collapse)	Author	Age	Files	Lines
*	charon-tkm: Call esa_reset() when the inbound SA is deleted	Tobias Brunner	2017-08-07	6	-7/+19
\| \| \| \| \| \| \| \| \|	After a rekeying the outbound SA and policy is deleted immediately, however, the inbound SA is not removed until a few seconds later, so delayed packets can still be processed. This adds a flag to get_esa_id() that specifies the location of the given SPI.
*	testing: Add tkm/xfrmproxy-rekey scenario	Tobias Brunner	2017-08-07	11	-0/+119
\| \| \| \| \|	Similar to the xfrmproxy-expire scenario but here the TKM host is the responder to a rekeying.
*	testing: Update test scenarios for Debian jessie	Tobias Brunner	2016-06-16	7	-8/+8
\| \| \| \| \| \| \|	The main difference is that ping now reports icmp_seq instead of icmp_req, so we match for icmp_.eq, which works with both releases. tcpdump now also reports port 4500 as ipsec-nat-t.
*	testing: Update TKM assert strings	Reto Buerki	2015-05-05	7	-10/+10
\|
*	testing: Add tkm xfrmproxy-expire test	Reto Buerki	2015-02-20	11	-0/+121
\| \| \| \| \| \|	This test asserts that the handling of XFRM expire messages from the kernel are handled correctly by the xfrm-proxy and the Esa Event Service (EES) in charon-tkm.
*	testing: Assert ees acquire messages in xfrmproxy tests	Reto Buerki	2015-02-20	2	-0/+2
\|
*	testing: Assert proper ESA deletion	Reto Buerki	2015-02-20	1	-0/+4
\| \| \| \| \|	Extend the tkm/host2host-initiator testcase by asserting proper ESA deletion after connection shutdown.
*	testing: Update tkm/multiple-clients/evaltest.dat	Reto Buerki	2014-10-31	1	-2/+1
\| \| \| \| \| \|	Since the CC context is now properly reset in the bus listener plugin, the second connection from host dave re-uses the first CC ID. Adjust the expect string on gateway sun accordingly.
*	configure: Load fetcher plugins after crypto base plugins	Martin Willi	2014-09-24	7	-7/+7
\| \| \| \| \| \| \| \| \| \|	Some fetcher plugins (such as curl) might build upon OpenSSL to implement HTTPS fetching. As we set (and can't unset) threading callbacks in our openssl plugin, we must ensure that OpenSSL functions don't get called after openssl plugin unloading. We achieve that by loading curl and all other fetcher plugins after the base crypto plugins, including openssl.
*	testing: Update certs and keys in tkm tests	Reto Buerki	2014-09-17	6	-0/+0
\| \| \| \|	References #705.
*	charon-tkm: Update integration tests	Reto Buerki	2013-12-04	6	-0/+48
\|
*	Add type=transport to tkm/host2host-* connections	Reto Buerki	2013-06-29	2	-0/+2
\| \| \| \| \|	Explicitly specify transport mode in connection configuration of the responding host (sun).
*	Implement multiple-clients integration test	Reto Buerki	2013-03-19	12	-0/+158
\| \| \| \| \| \| \| \|	Two transport connections to gateway sun are set up, one from client carol and the other from client dave. The gateway sun uses the Trusted Key Manager (TKM) and is the responder for both connections. The authentication is based on X.509 certificates. In order to test the connections, both carol and dave ping gateway sun.
*	Implement net2net-xfrmproxy integration test	Reto Buerki	2013-03-19	10	-0/+108
\|
*	Implement net2net-initiator integration test	Reto Buerki	2013-03-19	9	-0/+104
\|
*	Add xfrm_proxy integration test	Reto Buerki	2013-03-19	10	-0/+102
\|
*	Add TKM responder integration test	Reto Buerki	2013-03-19	10	-0/+97
\|
*	Add initial TKM integration test	Reto Buerki	2013-03-19	10	-0/+96
	A connection between the hosts moon and sun is set up. The host moon uses the Trusted Key Manager (TKM) and is the initiator of the transport connection. The authentication is based on X.509 certificates.