Tobias Brunner
01f50bdddc
conftest: Sanity check for proposal number modifier
2018-11-12 17:36:22 +01:00
Tobias Brunner
f92174dcd1
botan: Initialize p and q before calling calculate_pq()
2018-11-12 17:36:22 +01:00
Tobias Brunner
de80946f6a
Remove useless break statements
2018-11-12 17:36:22 +01:00
Andreas Steffen
ff3f09af45
Version bump to 5.7.2dr3
5.7.2dr3
2018-11-12 16:24:53 +01:00
Andreas Steffen
b5747192bd
testing: Added botan/net2net-pkcs12 scenario
2018-11-12 13:51:01 +01:00
Andreas Steffen
440e6a03c1
testing: Migrated openssl-ikev2/net2net-pkcs12 scenario to swanctl
2018-11-12 13:46:16 +01:00
Andreas Steffen
836e870912
testing: Removed openssl-ikev2/rw-eap-tls-only scenario
2018-11-12 12:41:11 +01:00
Andreas Steffen
280cf56411
testing: Removed openssl-ikev2/net2net-pgp-v3 scenario
2018-11-12 12:35:37 +01:00
Andreas Steffen
e259ff3979
testing: migrated openssl-ikev2/critical-extension to swanctl
2018-11-12 11:50:05 +01:00
Andreas Steffen
97493cbe17
testing: Migrated openssl/rw-cert scenario to swanctl
2018-11-09 21:45:12 +01:00
Andreas Steffen
6617341390
testing: Migrated openssl-ikev2/ecdsa-pkcs8 scenario to swanctl
2018-11-09 16:38:33 +01:00
Andreas Steffen
6ea531d926
testing: Migrated openssl brainpool scenarios to swanctl
2018-11-09 15:00:26 +01:00
Andreas Steffen
1cab8ed5f8
testing: Migrated openssl alg-ecp-low scenarios to swanctl
2018-11-09 12:42:14 +01:00
Andreas Steffen
21735750df
testing: Migrated openssl alg-ecp-high scenarios
2018-11-09 11:52:59 +01:00
Andreas Steffen
a4c085978c
testing: Migrated openssl alg-camellia scenarios to swanctl
2018-11-09 10:02:26 +01:00
Andreas Steffen
873a6ab0ef
testing: Removed openssl alg-aes-gcm and alg-blowfish scenarios
2018-11-08 21:28:19 +01:00
Andreas Steffen
fcaa081825
testing: Removed openssl suite B scenarios
2018-11-08 21:23:10 +01:00
Andreas Steffen
99b66151fd
testing: Moved openssl ecdsa-certs scenarios to swanctl
2018-11-08 21:16:32 +01:00
Tobias Brunner
8eea28063d
leak-detective: Use hashtable to cache ignored/whitelisted backtraces
Checking for whitelisted functions in every backtrace is not very
efficient. And because OpenSSL 1.1 does no proper cleanup anymore until
the process is terminated there are now a lot more "leaks" to ignore.
For instance, in the openssl-ikev2/rw-cert scenario, just starting and
stopping the daemon (test vectors are checked) now causes 3594 whitelisted
leaks compared to the 849 before. This prolonged the shutdown of the
daemon on each guest in every scenario, amounting to multiple seconds of
additional runtime for every affected scenario. But even with this
patch there is still some overhead, compared to running the scenarios on
jessie.
2018-11-06 12:27:16 +01:00
Tobias Brunner
0f7055b22c
leak-detective: Whitelist additional OpenSSL functions used by libcurl
2018-11-06 12:27:01 +01:00
Tobias Brunner
b959532f68
scripts: Include botan in dh_speed.sh and pubkey_speed.sh
Also, using sudo is not necessary in dh_speed.sh.
2018-10-31 15:50:36 +01:00
Tobias Brunner
8b4c2a1d8e
openssl: Fix some const issues with OpenSSL 1.1.0
2018-10-31 15:50:36 +01:00
Tobias Brunner
fd3947d9e5
openssl: Don't use functions deprecated with OpenSSL 1.1.0
2018-10-31 15:50:36 +01:00
Andreas Steffen
0e80eb235d
Version bump to 5.7.2dr2
5.7.2dr2
2018-10-31 14:22:03 +01:00
Andreas Steffen
9be6dee6a4
botan: SHA-3 support
2018-10-30 16:06:15 +01:00
Tobias Brunner
ae271810dc
Use Botan 2.8.0 for tests
2018-10-30 15:08:31 +01:00
Tobias Brunner
a29f70e4fb
testing: Use AES-GCM for SSH connections
RC4, which was previously used for performance reasons, is not supported
anymore with newer versions of SSH (stretch still supports it, but it
requires explicit configuration on the guests when they act as clients
too - the version in Ubuntu 18.04 apparently doesn't support it anymore
at all).
AES-GCM should actually be faster (at least for larger amounts of data and
in particular with hardware acceleration).
2018-10-30 15:06:57 +01:00
Tobias Brunner
67fd36e884
testing: Avoid unnecessary rebuilds of components built from Git repos
Installing apparently changes the timestamp on the repo dir triggering make
to checkout and build the whole thing again.
2018-10-30 15:06:47 +01:00
Tobias Brunner
3a4372c1eb
testing: Disable predictable network interface names assigned by systemd/udev
2018-10-30 15:06:33 +01:00
Tobias Brunner
3fbeeef908
testing: Remove unused custom OIDs from openssl.cnf files
ClientAuthentication is known in OpenSSL 1.1 and the redefinition, therefore,
causes an error. These two OIDs are not used anyway in these config
files.
2018-10-30 15:03:34 +01:00
Andreas Steffen
e660f4579b
testing: Fixed evaluation in swanctl/rw-cert-pss scenario
2018-10-27 08:47:57 +02:00
Andreas Steffen
f5565683b9
Version bump to 5.7.2dr1
5.7.2dr1
2018-10-26 18:47:48 +02:00
Andreas Steffen
534ab34df6
testing: Added botan/net2net-ed25519 scenario
2018-10-26 18:46:59 +02:00
Tobias Brunner
d1acfeec7b
NEWS: Add some recent changes
2018-10-26 15:27:15 +02:00
Tobias Brunner
ce381883a1
dhcp: Ignore DHCP OFFER messages without assigned address
FreeRADIUS seems to respond that way if it can't allocate an address to
the client.
2018-10-26 11:26:50 +02:00
Tobias Brunner
6e9cfe9751
vici: Properly handle absence of peer ID on mediation connections
Fixes #2794.
2018-10-26 11:25:31 +02:00
Tobias Brunner
46bea1add9
task-manager-v2: Reject requests for incomplete IKE_SAs as initiator
Based on a patch by Thomas Egerer.
2018-10-26 11:22:08 +02:00
Tobias Brunner
a61b1a6ee4
mysql: Don't release the connection if transactions are still using it
Fixes #2779.
2018-10-26 11:18:43 +02:00
Tobias Brunner
6c641377c3
Merge branch 'botan-algos'
This adds wrappers for additional algorithms (Ed25519, ChaCha20/Poly1305,
AES-CCM) to the botan plugin and fixes some potential compile issues.
2018-10-26 11:11:04 +02:00
Tobias Brunner
147363c169
botan: Fix build without specific asymmetric crypto
2018-10-26 11:06:45 +02:00
Tobias Brunner
37ae912271
botan: Fix build without AES and its modes
2018-10-26 11:06:45 +02:00
Tobias Brunner
3f960e38a1
botan: Add support for AES-CCM
2018-10-26 11:06:45 +02:00
Tobias Brunner
b1ab9782e2
test-vectors: Add another ChaCha20/Poly1305 test vector from RFC 7539
2018-10-26 11:06:45 +02:00
Tobias Brunner
cb7b83017d
botan: Add support for ChaCha20/Poly1305 AEAD algorithm
2018-10-26 11:06:45 +02:00
Tobias Brunner
4bcc4bacd4
botan: Add support for Ed25519 keys
2018-10-26 11:06:45 +02:00
Tobias Brunner
5cd24d26e2
botan: Add helper function for signature verification
2018-10-26 11:06:45 +02:00
Tobias Brunner
8d8e7a9c8b
Merge branch 'ssh-eddsa'
This adds support for Ed25519/Ed448 SSH keys and their signatures via
agent plugin.
2018-10-26 11:04:37 +02:00
Tobias Brunner
8f23e64ee5
agent: Support signatures with Ed25519/Ed448 keys
2018-10-26 11:01:10 +02:00
Tobias Brunner
87dd08b139
sshkey: Support encoding Ed25519/Ed448 SSH public keys
2018-10-26 11:01:10 +02:00
Tobias Brunner
7de0729357
sshkey: Add support for parsing Ed25519/Ed448 SSH keys
2018-10-26 11:01:10 +02:00