sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
15,954 Commits 101 Branches 327 Tags
Commit Graph

15954 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Steffen
964bf73237 sw-collector: Moved to its own directory and added man page 2017-07-18 07:25:45 +02:00
Andreas Steffen
34cade8b84 pt-tls-client: Added man page 2017-07-16 15:37:03 +02:00
Andreas Steffen
693705c74e Version bump to 5.6.0dr2 5.6.0dr2 2017-07-13 14:24:32 +02:00
Andreas Steffen
cab4cc3a10 sw-collector: strip arch suffix from package names 2017-07-13 12:03:27 +02:00
Andreas Steffen
5b1dbc3a8d sw-collector: Check for epoch-less Debian package versions 2017-07-12 19:12:22 +02:00
Andreas Steffen
eab650d62f libtpmtss: Support of Intel TABRMD interface 2017-07-12 17:07:34 +02:00
Andreas Steffen
991703007a Version bump to 5.6.0dr1 
This major version includes the new SWIMA IMC/IMV pair which
implements the "draft-ietf-sacm-nea-swima-patnc" Internet Draft.
Full compliance to the ISO 19770-2:2015 SWID tag standard has
been achieved.
5.6.0dr1 		2017-07-08 23:21:56 +02:00
Andreas Steffen
803ac56626 Merge branch 'swima' 2017-07-08 23:20:32 +02:00
Andreas Steffen
23e0d6dca3 testing: Added tnc/tnccs-20-nea-pt-tls scenario 2017-07-08 23:19:51 +02:00
Andreas Steffen
facf1c76ea testing: Adaptation to ISO 19770-2:2015 SWID standard 2017-07-08 23:19:51 +02:00
Andreas Steffen
3bf8392d36 pt-tls-client: Support for TPM keyids 2017-07-08 23:19:51 +02:00
Andreas Steffen
49d56e1b39 imv-swima: Implemented SW event processing 2017-07-08 23:19:51 +02:00
Andreas Steffen
74aa1626d2 sw-collector: Query central collector database 2017-07-08 23:19:51 +02:00
Andreas Steffen
8ba6bf511e libimcv: Moved REST API from imv_swid and imv_swima to libimcv 2017-07-08 23:19:51 +02:00
Andreas Steffen
7e796bba67 swidtag: strongSwan swidtag file with double underscores 2017-07-08 23:19:51 +02:00
Andreas Steffen
032a5767ad sw-collector: Collects endpoint software events 2017-07-08 23:19:51 +02:00
Andreas Steffen
3a7c594c14 imv-swima: Created SWIMA IMV plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen
2821c0f740 imc-swima: Created SWIMA IMC plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen
bf22470623 unit-tests: Added IETF SWIMA PA-TNC attribute tests 2017-07-08 23:19:51 +02:00
Andreas Steffen
84c0366bd3 libimcv: Implemented IETF SW PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen
bb87af2a73 libimcv: Fixed memory leak 2017-07-08 23:19:51 +02:00
Andreas Steffen
37205b05e6 libimcv: Corrected order of subscription flags 2017-07-08 23:19:51 +02:00
Andreas Steffen
0cc0b53b2f libimcv: Added IETF Software PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen
8c4c824706 libtncif: Added IETF Software PA-TNC message subtype 2017-07-08 23:19:51 +02:00
Andreas Steffen
6795de0408 libimcv: SWID tag generation and discovery 2017-07-08 23:19:51 +02:00
Andreas Steffen
60da0153ee libimcv: Update database to ISO 19770-2:2015 SWID standard 2017-07-08 23:19:51 +02:00
Andreas Steffen
88b941939f testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenario 2017-07-08 23:19:18 +02:00
Tobias Brunner
49917f0028 testing: Support running multiple tests with * as wildcard (e.g. ikev2/ocsp-*) 2017-07-07 09:23:14 +02:00
Tobias Brunner
d7dc677ee5 x509: Correctly encode nonce in OCSP request 
The nonce value is encoded as OCTET STRING, however, the extension
values themselves must also be encoded as OCTET STRING.
 2017-07-07 08:57:14 +02:00
Tobias Brunner
93e0898f60 swanctl: Document eap_id in remote sections 2017-07-05 18:08:04 +02:00
Tobias Brunner
fd0a7b4795 kernel-pfroute: Make sure there is a netmask when enumerating subnets 2017-07-05 10:21:25 +02:00
Tobias Brunner
ef6b710f19 pki: Load pubkey plugin to print public keys 
Since 3317d0e77b1a the public keys are printed via certificate printer,
but that only works if the public key is actually wrapped, which
requires the pubkey plugin.

Fixes: 3317d0e77b1a ("Standardized printing of certificate information")
 2017-07-05 10:15:45 +02:00
Tobias Brunner
609457e4c8 pki: Fix typo in --print man page 2017-07-05 10:15:45 +02:00
Tobias Brunner
7aa30575d5 sql: Use qualified names in SQL query statements 
VIRTUAL is a new reserved keyword in MySQL 5.7.6 that caused some of these
queries to fail.

Fixes #2359.
 2017-07-05 10:13:39 +02:00
Tobias Brunner
a3bcbb4c64 stroke: Don't load configs with invalid proposals 
References #2347.
 2017-07-05 10:08:36 +02:00
Tobias Brunner
5d580ae063 ikev1: Determine transform ID before mapping integrity algorithm ID 
Due to the lookup based on the mapped algorithm ID the resulting AH
proposals were invalid.

Fixes #2347.

Fixes: 8456d6f5a8e9 ("ikev1: Don't require AH mapping for integrity algorithm when generating proposal")
 2017-07-05 10:08:20 +02:00
Tobias Brunner
1aba82bfd7 eap-aka-3gpp: Add plugin that implements 3GPP MILENAGE algorithm in software 
This is similar to the eap-aka-3gpp2 plugin. K (optionally concatenated
with OPc) may be configured as binary EAP secret in ipsec.secrets or
swanctl.conf.

Based on a patch by Thomas Strangert.

Fixes #2326.
 2017-07-05 10:03:38 +02:00
Tobias Brunner
7004a59a4c utils: Make second argument to memxor() const 2017-07-05 10:02:05 +02:00
Tobias Brunner
909d7dca17 android: New release after fixing issues with older Android versions and DB upgrade 2017-07-04 11:55:04 +02:00
Tobias Brunner
ccb6e9f1b0 android: Fix database update from older versions 2017-07-04 11:55:04 +02:00
Tobias Brunner
a63b0f9982 android: Fix version string on older Android releases 
SECURITY_PATCH is apparently only available since Android 6.
 2017-07-04 11:54:57 +02:00
Tobias Brunner
480d56da5f android: New release after fixing crash with existing profiles 2017-07-03 13:44:49 +02:00
Tobias Brunner
ebf369c483 android: Fix null pointer dereference with existing profiles 2017-07-03 13:43:53 +02:00
Tobias Brunner
64c2d3ca3e android: Only show disconnect button if actually connected 2017-07-03 12:11:30 +02:00
Tobias Brunner
1b1060821e android: New release after adding lots of new stuff 2017-07-03 10:47:43 +02:00
Tobias Brunner
c0990c187b Merge branch '2309-android-disconnect-button' 
Adds a disconnect button to the permanent notification.

Fixes #2309.
 2017-07-03 10:40:37 +02:00
Tobias Brunner
6333a756ee android: Close activity when dialog is canceled if it was not visible before 
onPause/onResume() won't work because onPause() is called right before
onNewIntent().
 2017-07-03 10:39:26 +02:00
Tobias Brunner
1265b353d4 android: Allow disconnecting via MainActivity but display a confirmation dialog 2017-07-03 10:39:26 +02:00
Tobias Brunner
d0ed8ee89e android: Add disconnect button to notification 2017-07-03 10:39:23 +02:00
Tobias Brunner
aea901bbbe Merge branch 'android-certreq' 
This adds an option that allows disabling certificate requests during
IKE_AUTH.
 2017-07-03 10:37:21 +02:00