9113 Commits

Author SHA1 Message Date
Tobias Brunner
5c7a219804 Revert "starter: Don't treat unsupported keywords as fatal errors just report them."
This reverts commit e55876a657ae9d4bbf14320e5a14f86cc5c31c7f.
2012-06-12 16:15:03 +02:00
Martin Willi
5a6e5e0d2d NEWS about specifying trustchain HASH algorithm requirements 2012-06-12 15:01:39 +02:00
Martin Willi
7c4214bd38 Add documentation for signature hash algorithm enforcing to man ipsec.conf 2012-06-12 15:01:39 +02:00
Martin Willi
e35bbb9740 Added signature scheme options left/rightauth 2012-06-12 15:01:39 +02:00
Martin Willi
918e92c4c9 Support multiple different public key strength types in constraints 2012-06-12 14:24:49 +02:00
Martin Willi
fd4ff11858 Add signature schemes to auth_cfg during trustchain validation 2012-06-12 14:24:49 +02:00
Martin Willi
a37f2d2006 certificate_t->issued_by takes an argument to receive signature scheme 2012-06-12 14:24:49 +02:00
Martin Willi
439d0742e9 Define auth_cfg rules for signature schemes 2012-06-12 14:24:49 +02:00
Tobias Brunner
e7c01bed49 starter: Fixed parsing of left|right=%any. 2012-06-12 10:16:51 +02:00
Andreas Steffen
4745fce666 deleted IKEv1 charon-pluto interoperability scenarios 2012-06-12 10:00:21 +02:00
Tobias Brunner
4d21846912 starter: Fix comparison of connections. 2012-06-11 17:33:32 +02:00
Tobias Brunner
3e2ff81e5d starter: Removed all unsupported keywords. 2012-06-11 17:33:32 +02:00
Tobias Brunner
e55876a657 starter: Don't treat unsupported keywords as fatal errors just report them. 2012-06-11 17:33:32 +02:00
Tobias Brunner
fff4b74db2 Bye bye Pluto!
Charon will take over IKEv1 duties from here.  This also removes
libfreeswan and whack.
2012-06-11 17:33:32 +02:00
Tobias Brunner
4a54860986 _copyright: Replicate copyright text here instead of calling libfreeswan. 2012-06-11 17:33:32 +02:00
Tobias Brunner
ee3026a1e2 starter: Remove all ties to pluto/libfreeswan.
Moved some types/constants in the process.
2012-06-11 17:33:32 +02:00
Tobias Brunner
5b09310e67 starter: Use custom type for SA specific options (flags). 2012-06-11 17:33:31 +02:00
Tobias Brunner
29906e0eab starter: Parse left|rightprotoport directly in confread.c. 2012-06-11 17:33:31 +02:00
Tobias Brunner
eca839b0a7 starter: No special handling for left|rightsubnet, just pass it on as string. 2012-06-11 17:33:31 +02:00
Tobias Brunner
6ce841b213 starter: Use host_t to parse left|rightsourceip.
Also for the yet unused natip option.
2012-06-11 17:33:31 +02:00
Tobias Brunner
0ac29be793 starter: Remove left|rightsubnetwithin option (charon narrows left|rightsubnet down accordingly). 2012-06-11 17:33:31 +02:00
Tobias Brunner
8dd094e185 starter: Don't resolve any addresses in starter.
Also removed remains of some unknown iface option.
2012-06-11 17:33:31 +02:00
Tobias Brunner
efc69e9f38 starter: Removed pfs and pfsgroup options (handled via esp option). 2012-06-11 17:33:31 +02:00
Tobias Brunner
6d065f14ae starter: Store mode of the IPsec SA/policy in a separate member. 2012-06-11 17:33:30 +02:00
Tobias Brunner
f82365ad27 starter: Use custom type to mark seen keywords. 2012-06-11 17:33:30 +02:00
Tobias Brunner
57323f6259 starter: Remove left|rightnexthop option.
Charon does this lookup dynamically.
2012-06-11 17:33:30 +02:00
Tobias Brunner
753ca22f9c Implement strdupnull() macro as static inline function.
This avoids compiler warnings if the argument is a const char*.
2012-06-11 17:33:30 +02:00
Tobias Brunner
7cce0e96f2 starter: Replaced all usages of clone_str() with strdupnull(). 2012-06-11 17:33:30 +02:00
Tobias Brunner
e838c39ba9 starter: Parse authby as string. 2012-06-11 17:33:30 +02:00
Tobias Brunner
041e763b77 starter: Remove main parts of pluto support (invoke, whack). 2012-06-11 17:33:30 +02:00
Tobias Brunner
95e41fb80a starter: Drop support for %defaultroute. 2012-06-11 17:33:29 +02:00
Tobias Brunner
163b227386 starter: Migrated logging to libstrongswan. 2012-06-11 17:33:29 +02:00
Tobias Brunner
bcfb6b8efc starter: Remove unneeded starter_exec function. 2012-06-11 17:33:29 +02:00
Tobias Brunner
d7c3fd5421 scepclient: Option added to read PKCS#10 certificate request from a file. 2012-06-11 17:33:29 +02:00
Tobias Brunner
cea9bf563a scepclient: Option added to read self-signed certificate from a file. 2012-06-11 17:33:29 +02:00
Tobias Brunner
3a7c6b39b5 scepclient: Generate uppercase transaction ID. 2012-06-11 17:33:29 +02:00
Tobias Brunner
f79b665243 scepclient: Use HTTP 1.0 for all requests. 2012-06-11 17:33:28 +02:00
Tobias Brunner
1d81b1ab18 scepclient: Options added to specify digest/signature algorithms.
Also changed the defaults to DES/MD5 as that's what should be used
if GetCACaps is not used to learn the issuer's capabilities.
2012-06-11 17:33:28 +02:00
Tobias Brunner
cc55783f36 Added function to convert integrity algorithms to hash algorithms (if based on one). 2012-06-11 17:33:28 +02:00
Tobias Brunner
82e526ce81 Properly encode 0 in ASN.1.
According to X.690 an INTEGER object always has at least one content
octet.
2012-06-11 17:09:20 +02:00
Tobias Brunner
e8120632ae Don't use chunk_skip() in asn1_length().
chunk_skip() returns chunk_empty if the length of the chunk is equal to
the number of bytes to skip. This is problematic as asn1_length() modifies
the original chunk.  asn1_parser_t for instance uses the modified chunk to
later calculate the length of the resulting ASN.1 object which produces
incorrect results if it is based on chunk_empty.
2012-06-11 17:09:20 +02:00
Tobias Brunner
6e6d78a561 Changed memory management and call logic in PKCS#7 parser/generator. 2012-06-11 17:09:20 +02:00
Tobias Brunner
2bf125f0ed Changed memory management and attribute handling in PKCS#9 wrapper. 2012-06-11 17:09:20 +02:00
Tobias Brunner
f912fedc9b scepclient: Also number CA certificates in case there is more than one.
Also, only number them if there are multiple certificates.
2012-06-11 17:09:19 +02:00
Tobias Brunner
04ff78aa33 scepclient: Store received RA certificates, using CA cert name as base. 2012-06-11 17:09:19 +02:00
Tobias Brunner
c6a2aa49b4 scepclient: Use pkcs7_t and pkcs9_t, remove all dependencies to pluto/libfreeswan. 2012-06-11 17:09:19 +02:00
Tobias Brunner
ea92d4f305 Added get_attributes() method to pkcs7_t. 2012-06-11 17:09:19 +02:00
Tobias Brunner
dd93aefc09 scepclient: Local generation of file names. 2012-06-11 17:09:19 +02:00
Tobias Brunner
50e51bee54 scepclient: Replaced usages of datatot(). 2012-06-11 17:09:19 +02:00
Tobias Brunner
a2ddcc3695 scepclient: Migrated logging to libstrongswan. 2012-06-11 17:09:19 +02:00