sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity
15,943 Commits 101 Branches 327 Tags
Commit Graph

15943 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Steffen
49d56e1b39 imv-swima: Implemented SW event processing 2017-07-08 23:19:51 +02:00
Andreas Steffen
74aa1626d2 sw-collector: Query central collector database 2017-07-08 23:19:51 +02:00
Andreas Steffen
8ba6bf511e libimcv: Moved REST API from imv_swid and imv_swima to libimcv 2017-07-08 23:19:51 +02:00
Andreas Steffen
7e796bba67 swidtag: strongSwan swidtag file with double underscores 2017-07-08 23:19:51 +02:00
Andreas Steffen
032a5767ad sw-collector: Collects endpoint software events 2017-07-08 23:19:51 +02:00
Andreas Steffen
3a7c594c14 imv-swima: Created SWIMA IMV plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen
2821c0f740 imc-swima: Created SWIMA IMC plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen
bf22470623 unit-tests: Added IETF SWIMA PA-TNC attribute tests 2017-07-08 23:19:51 +02:00
Andreas Steffen
84c0366bd3 libimcv: Implemented IETF SW PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen
bb87af2a73 libimcv: Fixed memory leak 2017-07-08 23:19:51 +02:00
Andreas Steffen
37205b05e6 libimcv: Corrected order of subscription flags 2017-07-08 23:19:51 +02:00
Andreas Steffen
0cc0b53b2f libimcv: Added IETF Software PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen
8c4c824706 libtncif: Added IETF Software PA-TNC message subtype 2017-07-08 23:19:51 +02:00
Andreas Steffen
6795de0408 libimcv: SWID tag generation and discovery 2017-07-08 23:19:51 +02:00
Andreas Steffen
60da0153ee libimcv: Update database to ISO 19770-2:2015 SWID standard 2017-07-08 23:19:51 +02:00
Andreas Steffen
88b941939f testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenario 2017-07-08 23:19:18 +02:00
Tobias Brunner
49917f0028 testing: Support running multiple tests with * as wildcard (e.g. ikev2/ocsp-*) 2017-07-07 09:23:14 +02:00
Tobias Brunner
d7dc677ee5 x509: Correctly encode nonce in OCSP request 
The nonce value is encoded as OCTET STRING, however, the extension
values themselves must also be encoded as OCTET STRING.
 2017-07-07 08:57:14 +02:00
Tobias Brunner
93e0898f60 swanctl: Document eap_id in remote sections 2017-07-05 18:08:04 +02:00
Tobias Brunner
fd0a7b4795 kernel-pfroute: Make sure there is a netmask when enumerating subnets 2017-07-05 10:21:25 +02:00
Tobias Brunner
ef6b710f19 pki: Load pubkey plugin to print public keys 
Since 3317d0e77b1a the public keys are printed via certificate printer,
but that only works if the public key is actually wrapped, which
requires the pubkey plugin.

Fixes: 3317d0e77b1a ("Standardized printing of certificate information")
 2017-07-05 10:15:45 +02:00
Tobias Brunner
609457e4c8 pki: Fix typo in --print man page 2017-07-05 10:15:45 +02:00
Tobias Brunner
7aa30575d5 sql: Use qualified names in SQL query statements 
VIRTUAL is a new reserved keyword in MySQL 5.7.6 that caused some of these
queries to fail.

Fixes #2359.
 2017-07-05 10:13:39 +02:00
Tobias Brunner
a3bcbb4c64 stroke: Don't load configs with invalid proposals 
References #2347.
 2017-07-05 10:08:36 +02:00
Tobias Brunner
5d580ae063 ikev1: Determine transform ID before mapping integrity algorithm ID 
Due to the lookup based on the mapped algorithm ID the resulting AH
proposals were invalid.

Fixes #2347.

Fixes: 8456d6f5a8e9 ("ikev1: Don't require AH mapping for integrity algorithm when generating proposal")
 2017-07-05 10:08:20 +02:00
Tobias Brunner
1aba82bfd7 eap-aka-3gpp: Add plugin that implements 3GPP MILENAGE algorithm in software 
This is similar to the eap-aka-3gpp2 plugin. K (optionally concatenated
with OPc) may be configured as binary EAP secret in ipsec.secrets or
swanctl.conf.

Based on a patch by Thomas Strangert.

Fixes #2326.
 2017-07-05 10:03:38 +02:00
Tobias Brunner
7004a59a4c utils: Make second argument to memxor() const 2017-07-05 10:02:05 +02:00
Tobias Brunner
909d7dca17 android: New release after fixing issues with older Android versions and DB upgrade 2017-07-04 11:55:04 +02:00
Tobias Brunner
ccb6e9f1b0 android: Fix database update from older versions 2017-07-04 11:55:04 +02:00
Tobias Brunner
a63b0f9982 android: Fix version string on older Android releases 
SECURITY_PATCH is apparently only available since Android 6.
 2017-07-04 11:54:57 +02:00
Tobias Brunner
480d56da5f android: New release after fixing crash with existing profiles 2017-07-03 13:44:49 +02:00
Tobias Brunner
ebf369c483 android: Fix null pointer dereference with existing profiles 2017-07-03 13:43:53 +02:00
Tobias Brunner
64c2d3ca3e android: Only show disconnect button if actually connected 2017-07-03 12:11:30 +02:00
Tobias Brunner
1b1060821e android: New release after adding lots of new stuff 2017-07-03 10:47:43 +02:00
Tobias Brunner
c0990c187b Merge branch '2309-android-disconnect-button' 
Adds a disconnect button to the permanent notification.

Fixes #2309.
 2017-07-03 10:40:37 +02:00
Tobias Brunner
6333a756ee android: Close activity when dialog is canceled if it was not visible before 
onPause/onResume() won't work because onPause() is called right before
onNewIntent().
 2017-07-03 10:39:26 +02:00
Tobias Brunner
1265b353d4 android: Allow disconnecting via MainActivity but display a confirmation dialog 2017-07-03 10:39:26 +02:00
Tobias Brunner
d0ed8ee89e android: Add disconnect button to notification 2017-07-03 10:39:23 +02:00
Tobias Brunner
aea901bbbe Merge branch 'android-certreq' 
This adds an option that allows disabling certificate requests during
IKE_AUTH.
 2017-07-03 10:37:21 +02:00
Tobias Brunner
8ae7f8b7a2 android: Make sending certificate requests configurable in the GUI 2017-07-03 10:37:09 +02:00
Tobias Brunner
11eb7e0898 android: Import the flag to suppress certificate requests 2017-07-03 10:37:09 +02:00
Tobias Brunner
3f0592d0fd android: Add flag to suppress sending certificate requests 2017-07-03 10:37:09 +02:00
Tobias Brunner
0204374e21 android: Add property for simple flags 2017-07-03 10:37:09 +02:00
Tobias Brunner
6f0888c872 Merge branch '2365-android-nat-keepalive' 
This makes the NAT-T keepalive interval configurable per connection.

Fixes #2365.
 2017-07-03 10:33:52 +02:00
Tobias Brunner
aa4b6eda59 android: Import NAT-T keepalive interval 2017-07-03 10:33:29 +02:00
Tobias Brunner
a2aa0ca0e4 android: Make NAT-T keepalive interval configurable in the GUI 2017-07-03 10:33:29 +02:00
Tobias Brunner
db599d6b28 android: Use configured NAT-T keepalive interval 2017-07-03 10:33:29 +02:00
Tobias Brunner
a28302317f android: Add property for NAT-T keepalive interval 2017-07-03 10:33:29 +02:00
Tobias Brunner
209a611530 Merge branch 'android-updates' 
This adds support for configuring split-tunneling and per-app VPN, adds
a simple HTTP/S fetcher and enables the revocation plugin, makes the log
view more efficient, imports profiles via SAF and changes multiple other
things.
 2017-07-03 10:32:35 +02:00
Tobias Brunner
0b075420df android: Use arrays as primary config option for subnets in profile files 2017-07-03 10:27:55 +02:00