sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
10,219 Commits 101 Branches 327 Tags
Commit Graph

10219 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Willi
5a50bec9d2 Fix leak in pki --pkcs7 --decrypt 2012-12-19 10:32:08 +01:00
Martin Willi
b95b4730f5 Support multiple signerInfos while parsing PKCS#7 signed-data 2012-12-19 10:32:07 +01:00
Martin Willi
47120d4977 Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containers 2012-12-19 10:32:07 +01:00
Martin Willi
5d932e4f01 Support encoding of PKCS#7 enveloped-data containers 2012-12-19 10:32:07 +01:00
Martin Willi
32745a28cf Support encoding of PKCS#7 signed-data containers 2012-12-19 10:32:07 +01:00
Martin Willi
3c2986bf0a Support encoding of PKCS#7 "data" containers 2012-12-19 10:32:07 +01:00
Martin Willi
637a8abb72 Add builder parts to generate PKCS#7 containers 2012-12-19 10:32:07 +01:00
Martin Willi
d7aa09104f Implement PKCS#7 enveloped-data parsing and decryption 2012-12-19 10:32:07 +01:00
Martin Willi
98bbe0760f Implement PKCS#7 signed-data parsing and verification 2012-12-19 10:32:07 +01:00
Martin Willi
83ed1464e3 Implement PKCS#7 "data" content type parsing 2012-12-19 10:32:07 +01:00
Martin Willi
ed1c430334 certificate_t.has_subject() matches for certificate serialNumber 2012-12-19 10:32:07 +01:00
Martin Willi
9de6a7a85c Implement generic PKCS#7 contentInfo parsing 2012-12-19 10:32:07 +01:00
Martin Willi
bd20f040fd Add a plugin stub for PKCS#7 containers 2012-12-19 10:32:07 +01:00
Martin Willi
692f560546 Add container plugin features 2012-12-19 10:32:07 +01:00
Martin Willi
fc67a932ba Add a generic interface for crypto containers and a more specific PKCS#7 interface 2012-12-19 10:32:07 +01:00
Martin Willi
67ca44ccbd Rebuild PKCS#9 encoding after adding new attributes 2012-12-19 10:32:07 +01:00
Martin Willi
60c9b5da8d Don't store additional encoding for each PKCS#9 attribute 2012-12-19 10:32:07 +01:00
Martin Willi
7f9fedc9bd Unify PKCS#9 set_attribute* methods to a single add_attribute 
This way the PKCS#9 implementation does not have to know
the encoding types for values
 2012-12-19 10:32:07 +01:00
Martin Willi
c1005c120c PKCS#9 coding style cleanups 2012-12-19 10:32:07 +01:00
Martin Willi
f0c02e27c4 Remove external build_encoding method in PKCS#9 2012-12-19 10:32:07 +01:00
Tobias Brunner
0080daa787 Fix deadlock in IMC/IMV managers 
Since reserve_id() might be called from e.g. notify_connection_change()
using a write lock will not work as this can't be acquired while holding
the read lock.

Also, with the previous code it was possible that two IMCs/IMVs added by
two threads at the same time would get the same ID assigned.
 2012-12-18 15:59:29 +01:00
Tobias Brunner
6a8eeba540 Properly select IMC/IMV according to given primary ID in reserve_id() 2012-12-18 15:59:29 +01:00
Martin Willi
4185c64464 Use a ./configure check to detect pthread spinlock availability 
_POSIX_SPIN_LOCKS does not seem to be defined correctly on all
systems (Debian libc 2.3.6). Fixes #262.
 2012-12-18 09:51:33 +01:00
Martin Willi
544c2e3d7b kernel-netlinks get_interface() considers virtual IPs, too 
When using load-tester, we can install tunnel outer addresses on
demand. As these are installed as "virtual", we have to consider
virtual IPs in the get_interface() lookup to install "real" virtual
IPs to these dynamic external addresses.
 2012-12-17 14:23:44 +01:00
Martin Willi
d9d0f12222 If load-tester requests a virtual IP, use a dynamic local traffic selector 2012-12-17 14:22:25 +01:00
Martin Willi
fe3060f5d0 Add missing CHILD_SA specific proposal keyword in conftest README 2012-12-17 10:58:47 +01:00
Tobias Brunner
283898d6e0 Fix traffic selectors also as initiator in case of transport mode over NAT 2012-12-13 15:27:29 +01:00
Tobias Brunner
2990671748 Fix debug output if responder selected invalid traffic selectors during QM 2012-12-13 15:27:28 +01:00
Andreas Steffen
45b5203f5d fixed memory leak in TPM Version Info 2012-12-13 11:10:38 +01:00
Tobias Brunner
5cb00b3afb Fixed reading of configs in conftest utility 2012-12-13 11:08:32 +01:00
Martin Willi
df75cc5c5f Migrate RADIUS accounting state while IKE_SA unique id changes during rekey 2012-12-11 10:40:59 +01:00
Martin Willi
251b740712 Migrate cache and fire lookip events for unique_id change during IKE_SA rekey 2012-12-10 17:04:26 +01:00
Martin Willi
43b4c2ea75 Inherit virtual IP and attributes from old to new, not from new to old 2012-12-10 17:01:00 +01:00
Tobias Brunner
caccc0e8cc Avoid that ruby 1.9 redefines snprintf(3) etc. 
Otherwise our custom printf specifiers won't work.
 2012-12-10 11:41:37 +01:00
Tobias Brunner
12e70a7efc Properly initialize linked list when enumerating interface addresses 2012-12-10 09:47:46 +01:00
Tobias Brunner
6a25122bfc rb_cvar_set() takes three arguments in Ruby 1.9 2012-12-10 09:47:46 +01:00
Tobias Brunner
d972975d87 Use rb_errinfo() instead of ruby_errinfo for Ruby 1.9 2012-12-10 09:47:46 +01:00
Tobias Brunner
afabe7b0ef Use proper Ruby library depending on the available version 2012-12-10 09:47:46 +01:00
Tobias Brunner
5057df5b73 Fixed search for ruby.h in ./configure for newer Ruby releases 2012-12-10 09:47:46 +01:00
Andreas Steffen
133fb74841 add dlcose strongswan.conf option to tnc-imc/tnc-imv plugins 2012-12-09 19:40:13 +01:00
Andreas Steffen
92e75e4535 optionally skip dlclose() of IMCs/IMVs in order to track memory leaks 2012-12-09 19:35:23 +01:00
Andreas Steffen
7d17eeb7ef fixed memory leak in error case 2012-12-09 17:07:51 +01:00
Andreas Steffen
965fce31c3 newer releases of dpkg-query does not have PackageSpec 2012-12-09 13:55:22 +01:00
Andreas Steffen
4037bb5288 ignore ports of the 127.0.1.1 internal system address 2012-12-09 13:26:34 +01:00
Martin Willi
137ea41f45 Properly trigger ike_updown() event if IKEv1 DPD times out 
Fixes missing RADIUS Accounting Stop, #257.
 2012-12-04 11:11:50 +01:00
Martin Willi
b091d80aff Replace optionsfrom LGPLv2 header by a GPLv2 2012-11-30 18:00:39 +01:00
Martin Willi
01bc9bf428 Fix GPL license header to properly "sed" it 2012-11-30 18:00:33 +01:00
Martin Willi
c543616315 Add locking to IMC/IMV managers to add/remove IMC/IMVs on the fly 2012-11-30 15:49:23 +01:00
Martin Willi
7e45257f7d Reuse generic constructor in IMV/IMC message 2012-11-30 15:49:12 +01:00
Martin Willi
a6722e5653 Add getters for the raw encoding in IMV/IMC messages 2012-11-30 15:49:07 +01:00