sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity
9,135 Commits 101 Branches 327 Tags
Commit Graph

9135 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tobias Brunner
bc6d944705 Added an option to rename the ipsec script during installation 
Also rename the man page and adjust all references in the script, the
man page and other files.

Closes #194.
 2012-06-25 16:53:38 +02:00
Tobias Brunner
d86cf32b4b Removed -o argument when creating .../ipsec.d with install 
This should have been removed with 2b52d5cb41.
 2012-06-25 16:37:34 +02:00
Tobias Brunner
34a80708e2 Updated ipsec script man page after removing pluto 2012-06-25 16:37:34 +02:00
Tobias Brunner
738b9121cb Use mac_t and PRF and signer wrappers in cmac plugin 2012-06-25 16:35:06 +02:00
Tobias Brunner
83cb52b044 Use mac_t and PRF and signer wrappers in xcbc plugin 2012-06-25 16:35:06 +02:00
Tobias Brunner
c4a3c9672a Make the hmac_t interface a generic interface for message authentication codes 2012-06-25 16:35:06 +02:00
Tobias Brunner
228d096e42 Simplified creation of PRFs and signers in openssl and hmac plugins 2012-06-25 16:35:06 +02:00
Tobias Brunner
01850f5d55 Function to convert PRFs to hash algorithms added 2012-06-25 16:35:06 +02:00
Tobias Brunner
903093d439 hasher_algorithm_from_integrity() optionally returns truncation length 2012-06-25 16:35:06 +02:00
Tobias Brunner
73d032e412 Use simple wrappers for HMAC based PRF and signer in openssl plugin 2012-06-25 16:35:06 +02:00
Tobias Brunner
63420c6e13 Use simple wrappers for HMAC based PRF and signer in hmac plugin 2012-06-25 16:35:06 +02:00
Tobias Brunner
57ff4be874 Simple wrappers for HMAC based prf_t and signer_t implementations added 2012-06-25 16:35:06 +02:00
Tobias Brunner
8391c1d0b1 Refactored OpenSSL based HMAC implementation 2012-06-25 16:35:06 +02:00
Aleksandr Grinberg
54081897cf Adding OpenSSL HMAC signer functions to openssl plugin 2012-06-25 16:35:05 +02:00
Aleksandr Grinberg
0504b0a09f Adding OpenSSL HMAC pseudo random functions to openssl plugin 2012-06-25 16:35:05 +02:00
Aleksandr Grinberg
4faece7b1e Adding OpenSSL random number functions to openssl plugin 2012-06-25 16:35:05 +02:00
Tobias Brunner
7beb31aae4 Fixed IPv6 source address lookup 
Because Linux kernels prior to 3.0 do not support RTA_PREFSRC for
IPv6 routes we didn't use NLM_F_DUMP to get all routes.
Still routes installed with policies are installed also for IPv6.
So since only one route is returned without DUMP, and we ignore
all routes from our own routing table, no source address was found
during roaming if DST of the installed route included the IKE peer.

With newer kernels we can now use DUMP as we did for IPv4 already,
for older kernels we do so if our own routes are installed in a
separate routing table, otherwise we still use GET.
 2012-06-25 16:29:59 +02:00
Andreas Steffen
5d476b4266 updated default configuration of UML hosts to 5.0.0 2012-06-25 13:04:55 +02:00
Andreas Steffen
c38d6905a2 added charon.cisco_unity to strongswan.conf.5 man page 2012-06-25 11:47:40 +02:00
Andreas Steffen
554a697a84 support Cisco Unity VID 2012-06-25 11:09:06 +02:00
Tobias Brunner
720ba902c5 Enable xauth-generic by default but don't build it if IKEv1 is disabled 2012-06-25 11:07:49 +02:00
Tobias Brunner
2e4c807bf3 Remove CREDITS from distribution 2012-06-25 11:07:35 +02:00
Tobias Brunner
20bda203f9 The AUTHORS file is required by automake 2012-06-25 10:59:27 +02:00
Tobias Brunner
d50b9be571 LICENSE file updated 2012-06-25 10:52:16 +02:00
Tobias Brunner
c236f19e50 ldaphost and ldapbase ca section keywords are deprecated 2012-06-25 10:52:16 +02:00
Tobias Brunner
693805cc98 Removed pluto-specifics from ipsec script 2012-06-25 10:52:16 +02:00
Tobias Brunner
f5a3b95a39 README file cleaned up and updated 2012-06-25 10:52:16 +02:00
Martin Willi
0ba1ddaa24 Enforce uniqueids=keep based on XAuth identity 2012-06-25 10:18:35 +02:00
Martin Willi
f145ea29e0 Don't send XAUTH_OK if a hook prevents SA to establish 2012-06-25 10:18:35 +02:00
Martin Willi
0c32b9c62f Enforce uniqueids=keep only for non-XAuth Main/Agressive Modes 2012-06-25 10:18:35 +02:00
Martin Willi
dd1381e7d3 Show EAP/XAuth identity in "ipsec status", if available 2012-06-25 10:18:35 +02:00
Martin Willi
0fbfcf2a3a Use XAuth/EAP remote identity for uniqueness check 2012-06-25 10:18:34 +02:00
Martin Willi
de5e8fb4e0 Add missing XAuth name variable when complaining about missing XAuth backend 2012-06-25 10:09:27 +02:00
Andreas Steffen
f84180bb89 removed AUTHORS and CREDITS 2012-06-25 08:45:10 +02:00
Andreas Steffen
a7b8e380dc some copyright additions 2012-06-23 12:09:29 +02:00
Andreas Steffen
e398dfb4c3 update copyright 2012-06-23 11:57:42 +02:00
Andreas Steffen
83c75fd10f version bump to 5.0.0 2012-06-23 11:32:54 +02:00
Tobias Brunner
e91157a4b6 Fix SIGSEGV if kernel install fails during Quick Mode as responder. 2012-06-22 11:34:38 +02:00
Andreas Steffen
fc16296391 adapted description to IKEv2 2012-06-22 09:53:37 +02:00
Tobias Brunner
aa8898bc45 Fixed compile error because of charon->name in certexpire plugin. 2012-06-21 13:59:18 +02:00
Andreas Steffen
bf577b6714 fixed typo 2012-06-20 11:15:09 +02:00
Andreas Steffen
0802b8359e added ipv6/rw-ip6-in-ip4-ikev1 scenario 2012-06-20 11:13:20 +02:00
Andreas Steffen
36988a0a37 added ipv6/rw-ip6-in-ip4-ikev2 scenario 2012-06-20 11:03:51 +02:00
Martin Willi
e2dd114f37 Select requested virtual IP family based on remote TS, if no local TS available 2012-06-20 10:02:01 +02:00
Andreas Steffen
f2fc138e8e upgraded UML options to 5.0.0 2012-06-19 19:34:26 +02:00
Tobias Brunner
5d227c79a9 Doxygen fix in PKCS#7 wrapper 2012-06-19 13:32:59 +02:00
Andreas Steffen
87f8ff168b sleep one second more 2012-06-19 06:18:05 +02:00
Andreas Steffen
e4012ae386 use socket-default in scenario 2012-06-19 06:17:37 +02:00
Andreas Steffen
bc60bb8bf4 added ikev1/xauth-id-rsa-hybrid scenario 2012-06-18 22:51:50 +02:00
Andreas Steffen
771a66c6a0 added ikev1/xauth-id-rsa-aggressive scenario 2012-06-18 22:30:26 +02:00