sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
15,306 Commits 101 Branches 327 Tags
Commit Graph

15306 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tobias Brunner
1806ba0890 travis: Add a workaround for a bug regarding libtool installed via Homebrew 2016-08-25 17:21:02 +02:00
Thomas Egerer
8456d6f5a8 ikev1: Don't require AH mapping for integrity algorithm when generating proposal 
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
 2016-08-25 13:34:36 +02:00
Andreas Steffen
d125941802 libtpmtss: TCTI finalization call changed 2016-08-25 13:22:51 +02:00
Andreas Steffen
36bf2b1bc5 conf: aikpub2.opt added to Makefile.am 2016-08-25 13:22:51 +02:00
Tobias Brunner
09d8215d3f pki: Allow to load CRLs from files in --verify 2016-08-25 11:07:35 +02:00
Tobias Brunner
17ecc104fb ikev1: Ignore the last two bytes of the Cisco Unity vendor ID 
These seem to indicate the major and minor version of the protocol, like
e.g. for the DPD vendor ID.  Some implementations seem to send versions
other than 1.0 so we just ignore these for now when checking for known
vendor IDs.

Fixes #2088.
 2016-08-24 17:46:05 +02:00
Tobias Brunner
603a1d3c8f utils: Fix definition of BYTE_ORDER with MinGW 2016-08-24 10:40:57 +02:00
Tobias Brunner
22b839e6e9 ikev1: Accept more than one certificate payload in aggressive mode 
Fixes #2085.
 2016-08-17 10:30:39 +02:00
Andreas Steffen
ce20979ce2 testing: Virtual IPs went missing 2016-08-16 17:18:17 +02:00
Andreas Steffen
3bca51e430 unit-tests: Removed unused variable 2016-08-11 17:01:33 +02:00
Andreas Steffen
5afaf0dba2 Version bump to 5.5.1dr1 5.5.1dr1 2016-08-10 18:11:53 +02:00
Andreas Steffen
53332c9390 Merge branch 'newhope' 2016-08-10 16:23:04 +02:00
Andreas Steffen
c1a1f9f548 testing: Added swanctl/rw-newhope-bliss scenario 2016-08-10 15:14:26 +02:00
Andreas Steffen
1e0dc2c329 testing: Add chapoly, ntru and newhope plugins to crypto and integrity tests 2016-08-10 14:34:27 +02:00
Andreas Steffen
277ef8c2fa testing: Added ikev2/rw-newhope-bliss scenario 2016-08-10 14:22:00 +02:00
Andreas Steffen
1342bd3386 unit-tests: Created newhope unit-tests 2016-08-10 14:22:00 +02:00
Andreas Steffen
393688aea0 Created newhope plugin implementing the New Hope key exchange algorithm 2016-08-10 14:22:00 +02:00
Andreas Steffen
1fddb0b92e xof: Added ChaCha20 stream as XOF 2016-08-06 12:09:05 +02:00
Andreas Steffen
8993cb556e utils: Defined uletoh16() and htole16() 2016-08-06 12:09:05 +02:00
Andreas Steffen
b8070e2c85 integrity-test: Added ntru_param_sets to read-only segment 2016-07-29 12:36:15 +02:00
Andreas Steffen
17e4ca6ac9 integrity-test: Added bliss_param_sets to read-only segment 2016-07-29 12:36:15 +02:00
Andreas Steffen
7256c68da0 integrity-test: check code and ro segments of libnttfft 2016-07-29 12:36:15 +02:00
Andreas Steffen
d305f251a5 Created libnttfft 
This makes Number Theoretic Transforms (NTT) based on the efficient
Fast-Fourier-Transform (FFT) available to multiple plugins.
 2016-07-29 12:36:15 +02:00
Andreas Steffen
65f2ecb86d Share twiddle factors table between 512 and 1024 point FFT 2016-07-29 12:36:14 +02:00
Andreas Steffen
68075fb7a7 Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmetic 2016-07-29 12:36:14 +02:00
Andreas Steffen
a7d626118f bliss: Implemented FFT with fast Montgomery arithmetic 2016-07-29 12:36:14 +02:00
Andreas Steffen
5ff88c9622 xof: Implemented SHAKE128 and SHAKE256 Extended Output Functions 2016-07-29 12:36:14 +02:00
Andreas Steffen
04208ac5d4 xof: Defined Extended Output Functions 2016-07-29 12:36:14 +02:00
Andreas Steffen
7f65a8c271 vici: Increased various string buffers to BUF_LEN (512 bytes) 2016-07-29 12:34:40 +02:00
Andreas Steffen
fa1865094d integrity-test: Added charon-systemd 2016-07-29 12:33:32 +02:00
Andreas Steffen
eda8907b90 Added SHA-3 signature OIDs 2016-07-26 13:34:45 +02:00
Tobias Brunner
a6d7aed78a libcharon: Add exchange_tests to .gitignore 2016-07-25 14:01:26 +02:00
Andreas Steffen
5ce749bcfc unit-tests: Decreased loop count of FFT speed test to 10'000 2016-07-22 21:27:42 +02:00
Andreas Steffen
10ebb3c914 unit-tests: Added bliss_fft_speed test 2016-07-22 11:58:10 +02:00
Andreas Steffen
6f4b73615b Merge branch 'tss2-sapi' 2016-07-20 11:26:45 +02:00
Andreas Steffen
0274163674 libtpmtss: Use pkconfig to configure TSS 2.0 includes and libraries 2016-07-20 11:26:07 +02:00
Tobias Brunner
60d0f52fd6 ike1: Flush active queue when queueing a delete of the IKE_SA 
By aborting the active task we don't have to wait for potential
retransmits if the other peer does not respond to the current task.
Since IKEv1 has no sequential message IDs and INFORMATIONALs are no real
exchanges this should not be a problem.

Fixes #1537
References #429, #1410
Closes strongswan/strongswan#48
 2016-07-19 11:48:17 +02:00
Andreas Steffen
74de8c3727 Version bump to 5.5.0 5.5.0 2016-07-13 13:26:16 +02:00
Tobias Brunner
b977ef8ec9 NEWS: Some updates for the 5.5.0 release 2016-07-11 15:42:51 +02:00
Tobias Brunner
1fafc56b95 Fixed some typos, courtesy of codespell 2016-07-04 12:18:51 +02:00
Tobias Brunner
5e5dee36b6 testing: Remove obsolete openssl-fips recipe 
This was only required when we initially started and OpenSSL was built
from sources, which was changed with b97dd59ba841 ("install FIPS-aware
OpenSSL Debian packages").
 2016-07-04 12:18:51 +02:00
Tobias Brunner
7b879874d7 Revert "testing: Only load selected plugins in swanctl" 
This reverts commit dee01d019ba9743b2784b417155601d10c173a66.

Thanks to 505c31870162 ("leak-detective: Try to properly free
allocations after deinitialization") this is not required anymore.
 2016-07-01 17:35:52 +02:00
Andreas Steffen
8fafbffdb7 Version bump to 5.5.0rc1 5.5.0rc1 2016-06-30 16:28:28 +02:00
Andreas Steffen
37ffa99cf2 imcv: Added EFI HCRTM event 2016-06-30 16:20:10 +02:00
Andreas Steffen
ee2644dd3f testing: Version bump to 4.6.3 kernel and strongSwan 5.5.0 2016-06-30 16:20:10 +02:00
Tobias Brunner
a8d6501036 aikgen: Fix computation of key ID of the AIK public key 
We don't have direct access to the modulus and exponent of the key anymore.
 2016-06-30 12:56:41 +02:00
Tobias Brunner
c05d49632f libtpmtss: Define missing Doxygen group and fix some comments 2016-06-30 12:12:31 +02:00
Tobias Brunner
a23bde26bd libimcv: Fix Doxygen comment 2016-06-30 12:12:26 +02:00
Tobias Brunner
c3e5109c37 testing: Add ikev1/net2net-esn scenario 2016-06-29 11:16:48 +02:00
Thomas Egerer
40bb4677f7 ikev1: Add support for extended sequence numbers 
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
 2016-06-29 11:16:48 +02:00